Theory AOT_PLM

1(*<*)
2theory AOT_PLM
3  imports AOT_Axioms
4begin
5(*>*)
6
7section‹The Deductive System PLM›
8text‹\label{PLM: 9}›
9
10(* constrain sledgehammer to the abstraction layer *)
11unbundle AOT_no_atp
12
13subsection‹Primitive Rule of PLM: Modus Ponens›
14text‹\label{PLM: 9.1}›
15
16AOT_theorem "modus-ponens": assumes φ and φ  ψ shows ψ
17  using assms by (simp add: AOT_sem_imp) (* NOTE: semantics needed *)
18lemmas MP = "modus-ponens"
19
20subsection‹(Modally Strict) Proofs and Derivations›
21text‹\label{PLM: 9.2}›
22
23AOT_theorem "non-con-thm-thm": assumes  φ shows  φ
24  using assms by simp
25
26AOT_theorem "vdash-properties:1[1]": assumes φ  Λ shows  φ
27  using assms unfolding AOT_model_act_axiom_def by blast (* NOTE: semantics needed *)
28
29text‹Convenience attribute for instantiating modally-fragile axioms.›
30attribute_setup act_axiom_inst =
31  ‹Scan.succeed (Thm.rule_attribute [] (K (fn thm => thm RS @{thm "vdash-properties:1[1]"})))
32  "Instantiate modally fragile axiom as modally fragile theorem."
33
34AOT_theorem "vdash-properties:1[2]": assumes φ  Λ shows  φ
35  using assms unfolding AOT_model_axiom_def by blast (* NOTE: semantics needed *)
36
37text‹Convenience attribute for instantiating modally-strict axioms.›
38attribute_setup axiom_inst =
39  ‹Scan.succeed (Thm.rule_attribute [] (K (fn thm => thm RS @{thm "vdash-properties:1[2]"})))
40  "Instantiate axiom as theorem."
41
42text‹Convenience methods and theorem sets for applying "cqt:2".›
43method cqt_2_lambda_inst_prover = (fast intro: AOT_instance_of_cqt_2_intro)
44method "cqt:2[lambda]" = (rule "cqt:2[lambda]"[axiom_inst]; cqt_2_lambda_inst_prover)
45lemmas "cqt:2" = "cqt:2[const_var]"[axiom_inst] "cqt:2[lambda]"[axiom_inst] AOT_instance_of_cqt_2_intro
46method "cqt:2" = (safe intro!: "cqt:2")
47
48AOT_theorem "vdash-properties:3": assumes  φ shows Γ  φ
49  using assms by blast
50
51AOT_theorem "vdash-properties:5": assumes Γ1  φ and Γ2  φ  ψ shows Γ1, Γ2  ψ
52  using MP assms by blast
53
54AOT_theorem "vdash-properties:6": assumes φ and φ  ψ shows ψ
55  using MP assms by blast
56
57AOT_theorem "vdash-properties:8": assumes Γ  φ and φ  ψ shows Γ  ψ
58  using assms by argo
59
60AOT_theorem "vdash-properties:9": assumes φ shows ψ  φ
61  using MP "pl:1"[axiom_inst] assms by blast
62
63AOT_theorem "vdash-properties:10": assumes φ  ψ and φ shows ψ
64  using MP assms by blast
65lemmas "→E" = "vdash-properties:10"
66
67subsection‹Two Fundamental Metarules: GEN and RN›
68text‹\label{PLM: 9.3}›
69
70AOT_theorem "rule-gen": assumes for arbitrary α: φ{α} shows α φ{α}
71  using assms by (metis AOT_var_of_term_inverse AOT_sem_denotes AOT_sem_forall) (* NOTE: semantics needed *)
72lemmas GEN = "rule-gen"
73
74AOT_theorem "RN[prem]": assumes Γ  φ shows Γ  φ
75  by (meson AOT_sem_box assms image_iff) (* NOTE: semantics needed *)
76AOT_theorem RN: assumes  φ shows φ
77  using "RN[prem]" assms by blast
78
79subsection‹The Inferential Role of Definitions›
80text‹\label{PLM: 9.4}›
81
82AOT_axiom "df-rules-formulas[1]": assumes φ df ψ shows φ  ψ
83  using assms by (simp_all add: AOT_model_axiomI AOT_model_equiv_def AOT_sem_imp) (* NOTE: semantics needed *)
84AOT_axiom "df-rules-formulas[2]": assumes φ df ψ shows ψ  φ
85  using assms by (simp_all add: AOT_model_axiomI AOT_model_equiv_def AOT_sem_imp) (* NOTE: semantics needed *)
86(* NOTE: for convenience also state the above as regular theorems *)
87AOT_theorem "df-rules-formulas[3]": assumes φ df ψ shows φ  ψ
88  using "df-rules-formulas[1]"[axiom_inst, OF assms].
89AOT_theorem "df-rules-formulas[4]": assumes φ df ψ shows ψ  φ
90  using "df-rules-formulas[2]"[axiom_inst, OF assms].
91
92
93AOT_axiom "df-rules-terms[1]":
94  assumes τ{α1...αn} =df σ{α1...αn}
95  shows (σ{τ1...τn}  τ{τ1...τn} = σ{τ1...τn}) & (¬σ{τ1...τn}  ¬τ{τ1...τn})
96  using assms by (simp add: AOT_model_axiomI AOT_sem_conj AOT_sem_imp AOT_sem_eq AOT_sem_not AOT_sem_denotes AOT_model_id_def) (* NOTE: semantics needed *)
97AOT_axiom "df-rules-terms[2]":
98  assumes τ =df σ
99  shows (σ  τ = σ) & (¬σ  ¬τ)
100  by (metis "df-rules-terms[1]" case_unit_Unity assms)
101(* NOTE: for convenience also state the above as regular theorems *)
102AOT_theorem "df-rules-terms[3]":
103  assumes τ{α1...αn} =df σ{α1...αn}
104  shows (σ{τ1...τn}  τ{τ1...τn} = σ{τ1...τn}) & (¬σ{τ1...τn}  ¬τ{τ1...τn})
105  using "df-rules-terms[1]"[axiom_inst, OF assms].
106AOT_theorem "df-rules-terms[4]":
107  assumes τ =df σ
108  shows (σ  τ = σ) & (¬σ  ¬τ)
109  using "df-rules-terms[2]"[axiom_inst, OF assms].
110
111subsection‹The Theory of Negations and Conditionals›
112text‹\label{PLM: 9.5}›
113
114AOT_theorem "if-p-then-p": φ  φ
115  by (meson "pl:1"[axiom_inst] "pl:2"[axiom_inst] MP)
116
117AOT_theorem "deduction-theorem": assumes φ  ψ shows φ  ψ
118  using assms by (simp add: AOT_sem_imp) (* NOTE: semantics needed *)
119lemmas CP = "deduction-theorem"
120lemmas "→I" = "deduction-theorem"
121
122AOT_theorem "ded-thm-cor:1": assumes Γ1  φ  ψ and Γ2  ψ  χ shows Γ1, Γ2  φ  χ
123  using "→E" "→I" assms by blast
124AOT_theorem "ded-thm-cor:2": assumes Γ1  φ  (ψ  χ) and Γ2  ψ shows Γ1, Γ2  φ  χ
125  using "→E" "→I" assms by blast
126
127AOT_theorem "ded-thm-cor:3": assumes φ  ψ and ψ  χ shows φ  χ
128  using "→E" "→I" assms by blast
129declare "ded-thm-cor:3"[trans]
130AOT_theorem "ded-thm-cor:4": assumes φ  (ψ  χ) and ψ shows φ  χ
131  using "→E" "→I" assms by blast
132
133lemmas "Hypothetical Syllogism" = "ded-thm-cor:3"
134
135AOT_theorem "useful-tautologies:1": ¬¬φ  φ
136  by (metis "pl:3"[axiom_inst] "→I" "Hypothetical Syllogism")
137AOT_theorem "useful-tautologies:2": φ  ¬¬φ
138  by (metis "pl:3"[axiom_inst] "→I" "ded-thm-cor:4")
139AOT_theorem "useful-tautologies:3": ¬φ  (φ  ψ)
140  by (meson "ded-thm-cor:4" "pl:3"[axiom_inst] "→I")
141AOT_theorem "useful-tautologies:4": (¬ψ  ¬φ)  (φ  ψ)
142  by (meson "pl:3"[axiom_inst] "Hypothetical Syllogism" "→I")
143AOT_theorem "useful-tautologies:5": (φ  ψ)  (¬ψ  ¬φ)
144  by (metis "useful-tautologies:4" "Hypothetical Syllogism" "→I")
145
146AOT_theorem "useful-tautologies:6": (φ  ¬ψ)  (ψ  ¬φ)
147  by (metis "→I" MP "useful-tautologies:4")
148
149AOT_theorem "useful-tautologies:7": (¬φ  ψ)  (¬ψ  φ)
150  by (metis "→I" MP "useful-tautologies:3" "useful-tautologies:5")
151
152AOT_theorem "useful-tautologies:8": φ  (¬ψ  ¬(φ  ψ))
153  by (metis "→I" MP "useful-tautologies:5")
154
155AOT_theorem "useful-tautologies:9": (φ  ψ)  ((¬φ  ψ)  ψ)
156  by (metis "→I" MP "useful-tautologies:6")
157
158AOT_theorem "useful-tautologies:10": (φ  ¬ψ)  ((φ  ψ)  ¬φ)
159  by (metis "→I" MP "pl:3"[axiom_inst])
160
161AOT_theorem "dn-i-e:1": assumes φ shows ¬¬φ
162  using MP "useful-tautologies:2" assms by blast
163lemmas "¬¬I" = "dn-i-e:1"
164AOT_theorem "dn-i-e:2": assumes ¬¬φ shows φ
165  using MP "useful-tautologies:1" assms by blast
166lemmas "¬¬E" = "dn-i-e:2"
167
168AOT_theorem "modus-tollens:1": assumes φ  ψ and ¬ψ shows ¬φ
169  using MP "useful-tautologies:5" assms by blast
170AOT_theorem "modus-tollens:2": assumes φ  ¬ψ and ψ shows ¬φ
171  using "¬¬I" "modus-tollens:1" assms by blast
172lemmas MT = "modus-tollens:1" "modus-tollens:2"
173
174AOT_theorem "contraposition:1[1]": assumes φ  ψ shows ¬ψ  ¬φ
175  using "→I" MT(1) assms by blast
176AOT_theorem "contraposition:1[2]": assumes ¬ψ  ¬φ shows φ  ψ
177  using "→I" "¬¬E" MT(2) assms by blast
178
179AOT_theorem "contraposition:2": assumes φ  ¬ψ shows ψ  ¬φ
180  using "→I" MT(2) assms by blast
181
182(* TODO: this is actually a mixture of the two variants given in PLM; adjust. *)
183AOT_theorem "reductio-aa:1":
184  assumes ¬φ  ¬ψ and ¬φ  ψ shows φ
185  using "→I" "¬¬E" MT(2) assms by blast
186AOT_theorem "reductio-aa:2":
187  assumes φ  ¬ψ and φ  ψ shows ¬φ
188  using "reductio-aa:1" assms by blast
189lemmas "RAA" = "reductio-aa:1" "reductio-aa:2"
190
191AOT_theorem "exc-mid": φ  ¬φ
192  using "df-rules-formulas[4]" "if-p-then-p" MP "conventions:2" by blast
193
194AOT_theorem "non-contradiction": ¬(φ & ¬φ)
195  using "df-rules-formulas[3]" MT(2) "useful-tautologies:2" "conventions:1" by blast
196
197AOT_theorem "con-dis-taut:1": (φ & ψ)  φ
198  by (meson "→I" "df-rules-formulas[3]" MP RAA(1) "conventions:1")
199AOT_theorem "con-dis-taut:2": (φ & ψ)  ψ
200  by (metis "→I" "df-rules-formulas[3]" MT(2) RAA(2) "¬¬E" "conventions:1")
201lemmas "Conjunction Simplification" = "con-dis-taut:1" "con-dis-taut:2"
202
203AOT_theorem "con-dis-taut:3": φ  (φ  ψ)
204  by (meson "contraposition:1[2]" "df-rules-formulas[4]" MP "→I" "conventions:2")
205AOT_theorem "con-dis-taut:4": ψ  (φ  ψ)
206  using "Hypothetical Syllogism" "df-rules-formulas[4]" "pl:1"[axiom_inst] "conventions:2" by blast
207lemmas "Disjunction Addition" = "con-dis-taut:3" "con-dis-taut:4"
208
209AOT_theorem "con-dis-taut:5": φ  (ψ  (φ & ψ))
210  by (metis "contraposition:2" "Hypothetical Syllogism" "→I" "df-rules-formulas[4]" "conventions:1")
211lemmas Adjunction = "con-dis-taut:5"
212
213AOT_theorem "con-dis-taut:6": (φ & φ)  φ
214  by (metis Adjunction "→I" "df-rules-formulas[4]" MP "Conjunction Simplification"(1) "conventions:3")
215lemmas "Idempotence of &" = "con-dis-taut:6"
216
217AOT_theorem "con-dis-taut:7": (φ  φ)  φ
218proof -
219  {
220    AOT_assume φ  φ
221    AOT_hence ¬φ  φ
222      using "conventions:2"[THEN "df-rules-formulas[3]"] MP by blast
223    AOT_hence φ using "if-p-then-p" RAA(1) MP by blast
224  }
225  moreover {
226    AOT_assume φ
227    AOT_hence φ  φ using "Disjunction Addition"(1) MP by blast
228  }
229  ultimately AOT_show (φ  φ)  φ
230    using "conventions:3"[THEN "df-rules-formulas[4]"] MP
231    by (metis Adjunction "→I")
232qed
233lemmas "Idempotence of ∨" = "con-dis-taut:7"
234
235
236AOT_theorem "con-dis-i-e:1": assumes φ and ψ shows φ & ψ
237  using Adjunction MP assms by blast
238lemmas "&I" = "con-dis-i-e:1"
239
240AOT_theorem "con-dis-i-e:2:a": assumes φ & ψ shows φ
241  using "Conjunction Simplification"(1) MP assms by blast
242AOT_theorem "con-dis-i-e:2:b": assumes φ & ψ shows ψ
243  using "Conjunction Simplification"(2) MP assms by blast
244lemmas "&E" = "con-dis-i-e:2:a" "con-dis-i-e:2:b"
245
246AOT_theorem "con-dis-i-e:3:a": assumes φ shows φ  ψ
247  using "Disjunction Addition"(1) MP assms by blast
248AOT_theorem "con-dis-i-e:3:b": assumes ψ shows φ  ψ
249  using "Disjunction Addition"(2) MP assms by blast
250AOT_theorem "con-dis-i-e:3:c": assumes φ  ψ and φ  χ and ψ  Θ shows χ  Θ
251  by (metis "con-dis-i-e:3:a" "Disjunction Addition"(2) "df-rules-formulas[3]" MT(1) RAA(1) "conventions:2" assms)
252lemmas "∨I" = "con-dis-i-e:3:a" "con-dis-i-e:3:b" "con-dis-i-e:3:c"
253
254AOT_theorem "con-dis-i-e:4:a": assumes φ  ψ and φ  χ and ψ  χ shows χ
255  by (metis MP RAA(2) "df-rules-formulas[3]" "conventions:2" assms)
256AOT_theorem "con-dis-i-e:4:b": assumes φ  ψ and ¬φ shows ψ
257  using "con-dis-i-e:4:a" RAA(1) "→I" assms by blast
258AOT_theorem "con-dis-i-e:4:c": assumes φ  ψ and ¬ψ shows φ
259  using "con-dis-i-e:4:a" RAA(1) "→I" assms by blast
260lemmas "∨E" = "con-dis-i-e:4:a" "con-dis-i-e:4:b" "con-dis-i-e:4:c"
261
262AOT_theorem "raa-cor:1": assumes ¬φ  ψ & ¬ψ shows φ
263  using "&E" "∨E"(3) "∨I"(2) RAA(2) assms by blast
264AOT_theorem "raa-cor:2": assumes φ  ψ & ¬ψ shows ¬φ
265  using "raa-cor:1" assms by blast
266AOT_theorem "raa-cor:3": assumes φ and ¬ψ  ¬φ shows ψ
267  using RAA assms by blast
268AOT_theorem "raa-cor:4": assumes ¬φ and ¬ψ  φ shows ψ
269  using RAA assms by blast
270AOT_theorem "raa-cor:5": assumes φ and ψ  ¬φ shows ¬ψ
271  using RAA assms by blast
272AOT_theorem "raa-cor:6": assumes ¬φ and ψ  φ shows ¬ψ
273  using RAA assms by blast
274
275(* TODO: note these need manual introduction rules *)
276AOT_theorem "oth-class-taut:1:a": (φ  ψ)  ¬(φ & ¬ψ)
277  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"])
278     (metis "&E" "&I" "raa-cor:3" "→I" MP)
279AOT_theorem "oth-class-taut:1:b": ¬(φ  ψ)  (φ & ¬ψ)
280  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"])
281     (metis "&E" "&I" "raa-cor:3" "→I" MP)
282AOT_theorem "oth-class-taut:1:c": (φ  ψ)  (¬φ  ψ)
283  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"])
284     (metis "&I" "∨I"(1, 2) "∨E"(3) "→I" MP "raa-cor:1")
285
286AOT_theorem "oth-class-taut:2:a": (φ & ψ)  (ψ & φ)
287  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"])
288     (meson "&I" "&E" "→I")
289lemmas "Commutativity of &" = "oth-class-taut:2:a"
290AOT_theorem "oth-class-taut:2:b": (φ & (ψ & χ))  ((φ & ψ) & χ)
291  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"])
292     (metis "&I" "&E" "→I")
293lemmas "Associativity of &" = "oth-class-taut:2:b"
294AOT_theorem "oth-class-taut:2:c": (φ  ψ)  (ψ  φ)
295  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"])
296     (metis "&I" "∨I"(1, 2) "∨E"(1) "→I")
297lemmas "Commutativity of ∨" = "oth-class-taut:2:c"
298AOT_theorem "oth-class-taut:2:d": (φ  (ψ  χ))  ((φ  ψ)  χ)
299  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"])
300     (metis "&I" "∨I"(1, 2) "∨E"(1) "→I")
301lemmas "Associativity of ∨" = "oth-class-taut:2:d"
302AOT_theorem "oth-class-taut:2:e": (φ  ψ)  (ψ  φ)
303  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"]; rule "&I";
304      metis "&I" "df-rules-formulas[4]" "conventions:3" "&E" "Hypothetical Syllogism" "→I" "df-rules-formulas[3]")
305lemmas "Commutativity of ≡" = "oth-class-taut:2:e"
306AOT_theorem "oth-class-taut:2:f": (φ  (ψ  χ))  ((φ  ψ)  χ)
307  using "conventions:3"[THEN "df-rules-formulas[4]"] "conventions:3"[THEN "df-rules-formulas[3]"]
308        "→I" "→E" "&E" "&I"
309  by metis
310lemmas "Associativity of ≡" = "oth-class-taut:2:f"
311
312AOT_theorem "oth-class-taut:3:a": φ  φ
313  using "&I" "vdash-properties:6" "if-p-then-p" "df-rules-formulas[4]" "conventions:3" by blast
314AOT_theorem "oth-class-taut:3:b": φ  ¬¬φ
315  using "&I" "useful-tautologies:1" "useful-tautologies:2" "vdash-properties:6" "df-rules-formulas[4]" "conventions:3" by blast
316AOT_theorem "oth-class-taut:3:c": ¬(φ  ¬φ)
317  by (metis "&E" "→E" RAA "df-rules-formulas[3]" "conventions:3")
318
319AOT_theorem "oth-class-taut:4:a": (φ  ψ)  ((ψ  χ)  (φ  χ))
320  by (metis "→E" "→I")
321AOT_theorem "oth-class-taut:4:b": (φ  ψ)  (¬φ  ¬ψ)
322  using "conventions:3"[THEN "df-rules-formulas[4]"] "conventions:3"[THEN "df-rules-formulas[3]"]
323        "→I" "→E" "&E" "&I" RAA by metis
324AOT_theorem "oth-class-taut:4:c": (φ  ψ)  ((φ  χ)  (ψ  χ))
325  using "conventions:3"[THEN "df-rules-formulas[4]"] "conventions:3"[THEN "df-rules-formulas[3]"]
326        "→I" "→E" "&E" "&I" by metis
327AOT_theorem "oth-class-taut:4:d": (φ  ψ)  ((χ  φ)  (χ  ψ))
328  using "conventions:3"[THEN "df-rules-formulas[4]"] "conventions:3"[THEN "df-rules-formulas[3]"]
329        "→I" "→E" "&E" "&I" by metis
330AOT_theorem "oth-class-taut:4:e": (φ  ψ)  ((φ & χ)  (ψ & χ))
331  using "conventions:3"[THEN "df-rules-formulas[4]"] "conventions:3"[THEN "df-rules-formulas[3]"]
332        "→I" "→E" "&E" "&I" by metis
333AOT_theorem "oth-class-taut:4:f": (φ  ψ)  ((χ & φ)  (χ & ψ))
334  using "conventions:3"[THEN "df-rules-formulas[4]"] "conventions:3"[THEN "df-rules-formulas[3]"]
335        "→I" "→E" "&E" "&I" by metis
336AOT_theorem "oth-class-taut:4:g": (φ  ψ)  ((φ & ψ)  (¬φ & ¬ψ))
337proof(safe intro!: "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"] "&I" "→I"
338           dest!: "conventions:3"[THEN "df-rules-formulas[3]", THEN "→E"])
339  AOT_show φ & ψ  (¬φ & ¬ψ) if (φ  ψ) & (ψ  φ)
340    using "&E" "∨I" "→E" "&I" "raa-cor:1" "→I" "∨E" that by metis
341next
342  AOT_show ψ if φ & ψ  (¬φ & ¬ψ) and φ
343    using that "∨E" "&E" "raa-cor:3" by blast
344next
345  AOT_show φ if φ & ψ  (¬φ & ¬ψ) and ψ
346    using that "∨E" "&E" "raa-cor:3" by blast
347qed
348AOT_theorem "oth-class-taut:4:h": ¬(φ  ψ)  ((φ & ¬ψ)  (¬φ & ψ))
349proof (safe intro!: "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"] "&I" "→I")
350  AOT_show φ & ¬ψ  (¬φ & ψ) if ¬(φ  ψ)
351    by (metis that "&I" "∨I"(1, 2) "→I" MT(1) "df-rules-formulas[4]" "raa-cor:3" "conventions:3")
352next
353  AOT_show ¬(φ  ψ) if φ & ¬ψ  (¬φ & ψ)
354    by (metis that "&E" "∨E"(2) "→E" "df-rules-formulas[3]" "raa-cor:3" "conventions:3")
355qed
356AOT_theorem "oth-class-taut:5:a": (φ & ψ)  ¬(¬φ  ¬ψ)
357  using "conventions:3"[THEN "df-rules-formulas[4]"]
358        "→I" "→E" "&E" "&I" "∨I" "∨E" RAA by metis
359AOT_theorem "oth-class-taut:5:b": (φ  ψ)  ¬(¬φ & ¬ψ)
360  using "conventions:3"[THEN "df-rules-formulas[4]"]
361        "→I" "→E" "&E" "&I" "∨I" "∨E" RAA by metis
362AOT_theorem "oth-class-taut:5:c": ¬(φ & ψ)  (¬φ  ¬ψ)
363  using "conventions:3"[THEN "df-rules-formulas[4]"]
364        "→I" "→E" "&E" "&I" "∨I" "∨E" RAA by metis
365AOT_theorem "oth-class-taut:5:d": ¬(φ  ψ)  (¬φ & ¬ψ)
366  using "conventions:3"[THEN "df-rules-formulas[4]"]
367        "→I" "→E" "&E" "&I" "∨I" "∨E" RAA by metis
368
369lemmas DeMorgan = "oth-class-taut:5:c" "oth-class-taut:5:d"
370
371AOT_theorem "oth-class-taut:6:a": (φ & (ψ  χ))  ((φ & ψ)  (φ & χ))
372  using "conventions:3"[THEN "df-rules-formulas[4]"]
373        "→I" "→E" "&E" "&I" "∨I" "∨E" RAA by metis
374AOT_theorem "oth-class-taut:6:b": (φ  (ψ & χ))  ((φ  ψ) & (φ  χ))
375  using "conventions:3"[THEN "df-rules-formulas[4]"]
376        "→I" "→E" "&E" "&I" "∨I" "∨E" RAA by metis
377
378AOT_theorem "oth-class-taut:7:a": ((φ & ψ)  χ)  (φ  (ψ  χ))
379  by (metis "&I" "→E" "→I")
380lemmas Exportation = "oth-class-taut:7:a"
381AOT_theorem "oth-class-taut:7:b": (φ  (ψ χ))  ((φ & ψ)  χ)
382  by (metis "&E" "→E" "→I")
383lemmas Importation = "oth-class-taut:7:b"
384
385AOT_theorem "oth-class-taut:8:a": (φ  (ψ  χ))  (ψ  (φ  χ))
386  using "conventions:3"[THEN "df-rules-formulas[4]"] "→I" "→E" "&E" "&I" by metis
387lemmas Permutation = "oth-class-taut:8:a"
388AOT_theorem "oth-class-taut:8:b": (φ  ψ)  ((φ  χ)  (φ  (ψ & χ)))
389  by (metis "&I" "→E" "→I")
390lemmas Composition = "oth-class-taut:8:b"
391AOT_theorem "oth-class-taut:8:c": (φ  χ)  ((ψ  χ)  ((φ  ψ)  χ))
392  by (metis "∨E"(2) "→E" "→I" RAA(1))
393AOT_theorem "oth-class-taut:8:d": ((φ  ψ) & (χ  Θ))  ((φ & χ)  (ψ & Θ))
394  by (metis "&E" "&I" "→E" "→I")
395lemmas "Double Composition" = "oth-class-taut:8:d"
396AOT_theorem "oth-class-taut:8:e": ((φ & ψ)  (φ & χ))  (φ  (ψ  χ))
397  by (metis "conventions:3"[THEN "df-rules-formulas[4]"] "conventions:3"[THEN "df-rules-formulas[3]"]
398            "→I" "→E" "&E" "&I")
399AOT_theorem "oth-class-taut:8:f": ((φ & ψ)  (χ & ψ))  (ψ  (φ  χ))
400  by (metis "conventions:3"[THEN "df-rules-formulas[4]"] "conventions:3"[THEN "df-rules-formulas[3]"]
401            "→I" "→E" "&E" "&I")
402AOT_theorem "oth-class-taut:8:g": (ψ  χ)  ((φ  ψ)  (φ  χ))
403  by (metis "conventions:3"[THEN "df-rules-formulas[4]"] "conventions:3"[THEN "df-rules-formulas[3]"]
404            "→I" "→E" "&E" "&I" "∨I" "∨E"(1))
405AOT_theorem "oth-class-taut:8:h": (ψ  χ)  ((ψ  φ)  (χ  φ))
406  by (metis "conventions:3"[THEN "df-rules-formulas[4]"] "conventions:3"[THEN "df-rules-formulas[3]"]
407            "→I" "→E" "&E" "&I" "∨I" "∨E"(1))
408AOT_theorem "oth-class-taut:8:i": (φ  (ψ & χ))  (ψ  (φ  χ))
409  by (metis "conventions:3"[THEN "df-rules-formulas[4]"] "conventions:3"[THEN "df-rules-formulas[3]"]
410            "→I" "→E" "&E" "&I")
411
412AOT_theorem "intro-elim:1": assumes φ  ψ and φ  χ and ψ  Θ shows χ  Θ
413  by (metis assms "∨I"(1, 2) "∨E"(1) "conventions:3"[THEN "df-rules-formulas[3]"] "→I" "→E" "&E"(1))
414
415AOT_theorem "intro-elim:2": assumes φ  ψ and ψ  φ shows φ  ψ
416  by (meson "&I" "conventions:3" "df-rules-formulas[4]" MP assms)
417lemmas "≡I" = "intro-elim:2"
418
419AOT_theorem "intro-elim:3:a": assumes φ  ψ and φ shows ψ
420  by (metis "∨I"(1) "→I" "∨E"(1) "intro-elim:1" assms)
421AOT_theorem "intro-elim:3:b": assumes φ  ψ and ψ shows φ
422  using "intro-elim:3:a" "Commutativity of ≡" assms by blast
423AOT_theorem "intro-elim:3:c": assumes φ  ψ and ¬φ shows ¬ψ
424  using "intro-elim:3:b" "raa-cor:3" assms by blast
425AOT_theorem "intro-elim:3:d": assumes φ  ψ and ¬ψ shows ¬φ
426  using "intro-elim:3:a" "raa-cor:3" assms by blast
427AOT_theorem "intro-elim:3:e": assumes φ  ψ and ψ  χ shows φ  χ
428  by (metis "≡I" "→I" "intro-elim:3:a" "intro-elim:3:b" assms)
429declare "intro-elim:3:e"[trans]
430AOT_theorem "intro-elim:3:f": assumes φ  ψ and φ  χ shows χ  ψ
431  by (metis "≡I" "→I" "intro-elim:3:a" "intro-elim:3:b" assms)
432lemmas "≡E" = "intro-elim:3:a" "intro-elim:3:b" "intro-elim:3:c" "intro-elim:3:d" "intro-elim:3:e" "intro-elim:3:f"
433
434declare "Commutativity of ≡"[THEN "≡E"(1), sym]
435
436AOT_theorem "rule-eq-df:1": assumes φ df ψ shows φ  ψ
437  by (simp add: "≡I" "df-rules-formulas[3]" "df-rules-formulas[4]" assms)
438lemmas "≡Df" = "rule-eq-df:1"
439AOT_theorem "rule-eq-df:2": assumes φ df ψ and φ shows ψ
440  using "≡Df" "≡E"(1) assms by blast
441lemmas "≡dfE" = "rule-eq-df:2"
442AOT_theorem "rule-eq-df:3": assumes φ df ψ and ψ shows φ
443  using "≡Df" "≡E"(2) assms by blast
444lemmas "≡dfI" = "rule-eq-df:3"
445
446AOT_theorem  "df-simplify:1": assumes φ  (ψ & χ) and ψ shows φ  χ
447  by (metis "&E"(2) "&I" "≡E"(1, 2) "≡I" "→I" assms)
448(* TODO: this is a slight variation from PLM *)
449AOT_theorem  "df-simplify:2": assumes φ  (ψ & χ) and χ shows φ  ψ
450  by (metis "&E"(1) "&I" "≡E"(1, 2) "≡I" "→I" assms)
451lemmas "≡S" = "df-simplify:1"  "df-simplify:2"
452
453subsection‹The Theory of Quantification›
454text‹\label{PLM: 9.6}›
455
456AOT_theorem "rule-ui:1": assumes α φ{α} and τ shows φ{τ}
457  using "→E" "cqt:1"[axiom_inst] assms by blast
458AOT_theorem "rule-ui:2[const_var]": assumes α φ{α} shows φ{β}
459  by (simp add: "rule-ui:1" "cqt:2[const_var]"[axiom_inst] assms)
460(* TODO: precise proviso in PLM *)
461AOT_theorem "rule-ui:2[lambda]":
462  assumes F φ{F} and INSTANCE_OF_CQT_2(ψ)
463  shows φ{ν1...νn ψ{ν1...νn}]}
464  by (simp add: "rule-ui:1" "cqt:2[lambda]"[axiom_inst] assms)
465AOT_theorem "rule-ui:3": assumes α φ{α} shows φ{α}
466  by (simp add: "rule-ui:2[const_var]" assms)
467lemmas "∀E" = "rule-ui:1" "rule-ui:2[const_var]" "rule-ui:2[lambda]" "rule-ui:3"
468
469AOT_theorem "cqt-orig:1[const_var]": α φ{α}  φ{β} by (simp add: "∀E"(2) "→I")
470AOT_theorem "cqt-orig:1[lambda]":
471  assumes INSTANCE_OF_CQT_2(ψ)
472  shows F φ{F}  φ{ν1...νn ψ{ν1...νn}]}
473  by (simp add: "∀E"(3) "→I" assms)
474AOT_theorem "cqt-orig:2": α (φ  ψ{α})  (φ  α ψ{α})
475  by (metis "→I" GEN "vdash-properties:6" "∀E"(4))
476AOT_theorem "cqt-orig:3": α φ{α}  φ{α} using "cqt-orig:1[const_var]" .
477
478(* TODO: work out difference to GEN *)
479AOT_theorem universal: assumes for arbitrary β: φ{β} shows α φ{α}
480  using GEN assms .
481lemmas "∀I" = universal
482
483(* Generalized mechanism for "∀I" followed by ∀E *)
484ML485fun get_instantiated_allI ctxt varname thm = let
486val trm = Thm.concl_of thm
487val trm = case trm of (@{const Trueprop} $ (@{const AOT_model_valid_in} $ _ $ x)) => x
488                      | _ => raise Term.TERM ("Expected simple theorem.", [trm])
489fun extractVars (Const (const_name‹AOT_term_of_var›, _) $ Var v) =
490    (if fst (fst v) = fst varname then [Var v] else []) (* TODO: care about the index? *)
491  | extractVars (t1 $ t2) = extractVars t1 @ extractVars t2
492  | extractVars (Abs (_, _, t)) = extractVars t
493  | extractVars _ = []
494val vars = extractVars trm
495val vars = fold Term.add_vars vars []
496val var = hd vars
497val trmty = case (snd var) of (Type (type_name‹AOT_var›, [t])) => (t)
498              | _ => raise Term.TYPE ("Expected variable type.", [snd var], [Var var])
499val trm = Abs (Term.string_of_vname (fst var), trmty, Term.abstract_over (
500      Const (const_name‹AOT_term_of_var›, Type ("fun", [snd var, trmty]))
501       $ Var var, trm))
502val trm = Thm.cterm_of (Context.proof_of ctxt) trm
503val ty = hd (Term.add_tvars (Thm.prop_of @{thm "∀I"}) [])
504val typ = Thm.ctyp_of (Context.proof_of ctxt) trmty
505val allthm = Drule.instantiate_normalize ([(ty, typ)],[]) @{thm "∀I"}
506val phi = hd (Term.add_vars (Thm.prop_of allthm) [])
507val allthm = Drule.instantiate_normalize ([],[(phi,trm)]) allthm
508in
509allthm
510end
511
512
513attribute_setup "∀I" =
514  ‹Scan.lift (Scan.repeat1 Args.var) >> (fn args => Thm.rule_attribute []
515  (fn ctxt => fn thm => fold (fn arg => fn thm => thm RS get_instantiated_allI ctxt arg thm) args thm))
516  "Quantify over a variable in a theorem using GEN."
517
518attribute_setup "unvarify" =
519  ‹Scan.lift (Scan.repeat1 Args.var) >> (fn args => Thm.rule_attribute []
520  (fn ctxt => fn thm =>
521    let
522    val thm = fold (fn arg => fn thm => thm RS get_instantiated_allI ctxt arg thm) args thm
523    val thm = fold (fn _ => fn thm => thm RS @{thm "∀E"(1)}) args thm
524    in
525     thm
526    end))
527  "Generalize a statement about variables to a statement about denoting terms."
528
529(* TODO: rereplace-lem does not apply to the embedding *)
530
531AOT_theorem "cqt-basic:1": αβ φ{α,β}  βα φ{α,β}
532  by (metis "≡I" "∀E"(2) "∀I" "→I")
533
534AOT_theorem "cqt-basic:2": α(φ{α}  ψ{α})  (α(φ{α}  ψ{α}) & α(ψ{α}  φ{α}))
535proof (rule "≡I"; rule "→I")
536  AOT_assume α(φ{α}  ψ{α})
537  AOT_hence φ{α}  ψ{α} for α using "∀E"(2) by blast
538  AOT_hence φ{α}  ψ{α} and ψ{α}  φ{α} for α
539    using "≡E"(1,2) "→I" by blast+
540  AOT_thus α(φ{α}  ψ{α}) & α(ψ{α}  φ{α})
541    by (auto intro: "&I" "∀I")
542next
543  AOT_assume α(φ{α}  ψ{α}) & α(ψ{α}  φ{α})
544  AOT_hence φ{α}  ψ{α} and ψ{α}  φ{α} for α
545    using "∀E"(2) "&E" by blast+
546  AOT_hence φ{α}  ψ{α} for α
547    using "≡I" by blast
548  AOT_thus α(φ{α}  ψ{α}) by (auto intro: "∀I")
549qed
550
551AOT_theorem "cqt-basic:3": α(φ{α}  ψ{α})  (α φ{α}  α ψ{α})
552proof(rule "→I")
553  AOT_assume α(φ{α}  ψ{α})
554  AOT_hence 1: φ{α}  ψ{α} for α using "∀E"(2) by blast
555  {
556    AOT_assume α φ{α}
557    AOT_hence α ψ{α} using 1 "∀I" "∀E"(4) "≡E" by metis
558  }
559  moreover {
560    AOT_assume α ψ{α}
561    AOT_hence α φ{α} using 1 "∀I" "∀E"(4) "≡E" by metis
562  }
563  ultimately AOT_show α φ{α}  α ψ{α}
564    using "≡I" "→I" by auto
565qed
566
567AOT_theorem "cqt-basic:4": α(φ{α} & ψ{α})  (α φ{α} & α ψ{α})
568proof(rule "→I")
569  AOT_assume 0: α(φ{α} & ψ{α})
570  AOT_have φ{α} and ψ{α} for α using "∀E"(2) 0 "&E" by blast+
571  AOT_thus α φ{α} & α ψ{α}
572    by (auto intro: "∀I" "&I")
573qed
574
575AOT_theorem "cqt-basic:5": (α1...∀αn(φ{α1...αn}))  φ{α1...αn}
576  using "cqt-orig:3" by blast
577
578AOT_theorem "cqt-basic:6": αα φ{α}  α φ{α}
579  by (meson "≡I" "→I" GEN "cqt-orig:1[const_var]")
580
581AOT_theorem "cqt-basic:7": (φ  α ψ{α})  α(φ  ψ{α})
582  by (metis "→I" "vdash-properties:6" "rule-ui:3" "≡I" GEN)
583
584AOT_theorem "cqt-basic:8": (α φ{α}  α ψ{α})  α (φ{α}  ψ{α})
585  by (simp add: "∨I"(3) "→I" GEN "cqt-orig:1[const_var]")
586
587AOT_theorem "cqt-basic:9": (α (φ{α}  ψ{α}) & α (ψ{α}  χ{α}))  α(φ{α}  χ{α})
588proof -
589  {
590    AOT_assume α (φ{α}  ψ{α})
591    moreover AOT_assume α (ψ{α}  χ{α})
592    ultimately AOT_have φ{α}  ψ{α} and ψ{α}  χ{α} for α using "∀E" by blast+
593    AOT_hence φ{α}  χ{α} for α by (metis "→E" "→I")
594    AOT_hence α(φ{α}  χ{α}) using "∀I" by fast
595  }
596  thus ?thesis using "&I" "→I" "&E" by meson
597qed
598
599AOT_theorem "cqt-basic:10": (α(φ{α}  ψ{α}) & α(ψ{α}  χ{α}))  α (φ{α}  χ{α})
600proof(rule "→I"; rule "∀I")
601  fix β
602  AOT_assume α(φ{α}  ψ{α}) & α(ψ{α}  χ{α})
603  AOT_hence φ{β}  ψ{β} and ψ{β}  χ{β} using "&E" "∀E" by blast+
604  AOT_thus φ{β}  χ{β} using "≡I" "≡E" by blast
605qed
606
607AOT_theorem "cqt-basic:11": α(φ{α}  ψ{α})  α (ψ{α}  φ{α})
608proof (rule "≡I"; rule "→I")
609  AOT_assume 0: α(φ{α}  ψ{α})
610  {
611    fix α
612    AOT_have φ{α}  ψ{α} using 0 "∀E" by blast
613    AOT_hence ψ{α}  φ{α} using "≡I" "≡E" "→I" "→E" by metis
614  }
615  AOT_thus α(ψ{α}  φ{α}) using "∀I" by fast
616next
617  AOT_assume 0: α(ψ{α}  φ{α})
618  {
619    fix α
620    AOT_have ψ{α}  φ{α} using 0 "∀E" by blast
621    AOT_hence φ{α}  ψ{α} using "≡I" "≡E" "→I" "→E" by metis
622  }
623  AOT_thus α(φ{α}  ψ{α}) using "∀I" by fast
624qed
625
626AOT_theorem "cqt-basic:12": α φ{α}  α (ψ{α}  φ{α})
627  by (simp add: "∀E"(2) "→I" GEN)
628
629AOT_theorem "cqt-basic:13": α φ{α}  β φ{β}
630  using "≡I" "→I" by blast
631
632AOT_theorem "cqt-basic:14": (α1...∀αn (φ{α1...αn}  ψ{α1...αn}))  ((α1...∀αn φ{α1...αn})  (α1...∀αn ψ{α1...αn}))
633  using "cqt:3"[axiom_inst] by auto
634
635AOT_theorem "cqt-basic:15": (α1...∀αn (φ  ψ{α1...αn}))  (φ  (α1...∀αn ψ{α1...αn}))
636  using "cqt-orig:2" by auto
637
638(* TODO: once more the same in the embedding... need to distinguish these better *)
639AOT_theorem "universal-cor": assumes for arbitrary β: φ{β}  shows α φ{α}
640  using GEN assms .
641
642AOT_theorem "existential:1": assumes φ{τ} and τ shows α φ{α}
643proof(rule "raa-cor:1")
644  AOT_assume ¬α φ{α}
645  AOT_hence α ¬φ{α}
646    using "≡dfI" "conventions:4" RAA "&I" by blast
647  AOT_hence ¬φ{τ} using assms(2) "∀E"(1) "→E" by blast
648  AOT_thus φ{τ} & ¬φ{τ} using assms(1) "&I" by blast
649qed
650
651AOT_theorem "existential:2[const_var]": assumes φ{β} shows α φ{α}
652  using "existential:1" "cqt:2[const_var]"[axiom_inst] assms by blast
653
654AOT_theorem "existential:2[lambda]":
655  assumes φ{ν1...νn ψ{ν1...νn}]} and INSTANCE_OF_CQT_2(ψ)
656  shows α φ{α}
657  using "existential:1" "cqt:2[lambda]"[axiom_inst] assms by blast
658lemmas "∃I" = "existential:1" "existential:2[const_var]" "existential:2[lambda]" 
659
660AOT_theorem "instantiation":
661  assumes for arbitrary β: φ{β}  ψ and α φ{α}
662  shows ψ
663  by (metis (no_types, lifting) "≡dfE" GEN "raa-cor:3" "conventions:4" assms)
664lemmas "∃E" = "instantiation"
665
666AOT_theorem "cqt-further:1": α φ{α}  α φ{α}
667  using "∀E"(4) "∃I"(2) "→I" by metis
668
669AOT_theorem "cqt-further:2": ¬α φ{α}  α ¬φ{α}
670  using "∀I" "∃I"(2) "→I" RAA by metis
671
672AOT_theorem "cqt-further:3": α φ{α}  ¬α ¬φ{α}
673  using "∀E"(4) "∃E" "→I" RAA
674  by (metis "cqt-further:2" "≡I" "modus-tollens:1")
675
676AOT_theorem "cqt-further:4": ¬α φ{α}  α ¬φ{α}
677  using "∀I" "∃I"(2)"→I" RAA by metis
678
679AOT_theorem "cqt-further:5": α (φ{α} & ψ{α})  (α φ{α} & α ψ{α})
680  by (metis (no_types, lifting) "&E" "&I" "∃E" "∃I"(2) "→I")
681
682AOT_theorem "cqt-further:6": α (φ{α}  ψ{α})  (α φ{α}  α ψ{α})
683  by (metis (mono_tags, lifting) "∃E" "∃I"(2) "∨E"(3) "∨I"(1, 2) "→I" RAA(2))
684
685AOT_theorem "cqt-further:7": α φ{α}  β φ{β} (* TODO: vacuous in the embedding *)
686  by (simp add: "oth-class-taut:3:a")
687
688AOT_theorem "cqt-further:8": (α φ{α} & α ψ{α})  α (φ{α}  ψ{α})
689  by (metis (mono_tags, lifting) "&E" "≡I" "∀E"(2) "→I" GEN)
690
691AOT_theorem "cqt-further:9": (¬α φ{α} & ¬α ψ{α})  α (φ{α}  ψ{α})
692  by (metis (mono_tags, lifting) "&E" "≡I" "∃I"(2) "→I" GEN "raa-cor:4")
693
694AOT_theorem "cqt-further:10": (α φ{α} & ¬α ψ{α})  ¬α (φ{α}  ψ{α})
695proof(rule "→I"; rule "raa-cor:2")
696  AOT_assume 0: α φ{α} & ¬α ψ{α}
697  then AOT_obtain α where φ{α} using "∃E" "&E"(1) by metis
698  moreover AOT_assume α (φ{α}  ψ{α})
699  ultimately AOT_have ψ{α} using "∀E"(4) "≡E"(1) by blast
700  AOT_hence α ψ{α} using "∃I" by blast
701  AOT_thus α ψ{α} & ¬α ψ{α} using 0 "&E"(2) "&I" by blast
702qed
703
704AOT_theorem "cqt-further:11": αβ φ{α,β}  βα φ{α,β}
705  using "≡I" "→I" "∃I"(2) "∃E" by metis
706
707subsection‹Logical Existence, Identity, and Truth›
708text‹\label{PLM: 9.7}›
709
710AOT_theorem "log-prop-prop:1":  φ]
711  using "cqt:2[lambda0]"[axiom_inst] by auto
712
713AOT_theorem "log-prop-prop:2": φ
714  by (rule "≡dfI"[OF "existence:3"]) "cqt:2[lambda]"
715
716AOT_theorem "exist-nec": τ  τ
717proof -
718  AOT_have β β
719    by (simp add: GEN RN "cqt:2[const_var]"[axiom_inst])
720  AOT_thus τ  τ
721    using "cqt:1"[axiom_inst] "→E" by blast
722qed
723
724(* TODO: replace this mechanism by a "proof by types" command *)
725class AOT_Term_id = AOT_Term +
726  assumes "t=t-proper:1"[AOT]: [v  τ = τ'  τ]
727      and "t=t-proper:2"[AOT]: [v  τ = τ'  τ']
728
729instance κ :: AOT_Term_id
730proof
731  AOT_modally_strict {
732    AOT_show κ = κ'  κ for κ κ'
733    proof(rule "→I")
734      AOT_assume κ = κ'
735      AOT_hence O!κ  A!κ
736        by (rule "∨I"(3)[OF "≡dfE"[OF "identity:1"]])
737           (meson "→I" "∨I"(1) "&E"(1))+
738      AOT_thus κ
739        by (rule "∨E"(1))
740           (metis "cqt:5:a"[axiom_inst] "→I" "→E" "&E"(2))+
741    qed
742  }
743next
744  AOT_modally_strict {
745    AOT_show κ = κ'  κ' for κ κ'
746    proof(rule "→I")
747      AOT_assume κ = κ'
748      AOT_hence O!κ'  A!κ'
749        by (rule "∨I"(3)[OF "≡dfE"[OF "identity:1"]])
750           (meson "→I" "∨I" "&E")+
751      AOT_thus κ'
752        by (rule "∨E"(1))
753           (metis "cqt:5:a"[axiom_inst] "→I" "→E" "&E"(2))+
754    qed
755  }
756qed
757
758instance rel :: (AOT_κs) AOT_Term_id
759proof
760  AOT_modally_strict {
761    AOT_show Π = Π'  Π for Π Π' :: <'a> (* TODO: how to get rid of the fixes? *)
762    proof(rule "→I")
763      AOT_assume Π = Π'
764      AOT_thus Π using "≡dfE"[OF "identity:3"[of Π Π']] "&E" by blast
765    qed
766  }
767next
768  AOT_modally_strict {
769    AOT_show Π = Π'  Π' for Π Π' :: <'a> (* TODO: how to get rid of the fixes? *)
770    proof(rule "→I")
771      AOT_assume Π = Π'
772      AOT_thus Π' using "≡dfE"[OF "identity:3"[of Π Π']] "&E" by blast
773    qed
774  }
775qed
776
777instance 𝗈 :: AOT_Term_id
778proof
779  AOT_modally_strict {
780    fix φ ψ
781    AOT_show φ = ψ  φ
782    proof(rule "→I")
783      AOT_assume φ = ψ
784      AOT_thus φ using "≡dfE"[OF "identity:4"[of φ ψ]] "&E" by blast
785    qed
786  }
787next
788  AOT_modally_strict {
789    fix φ ψ
790    AOT_show φ = ψ  ψ
791    proof(rule "→I")
792      AOT_assume φ = ψ
793      AOT_thus ψ using "≡dfE"[OF "identity:4"[of φ ψ]] "&E" by blast
794    qed
795  }
796qed
797
798instance prod :: (AOT_Term_id, AOT_Term_id) AOT_Term_id
799proof
800  AOT_modally_strict {
801    fix τ τ' :: 'a×'b
802    AOT_show τ = τ'  τ
803    proof (induct τ; induct τ'; rule "→I")
804      fix τ1 τ1' :: 'a and τ2  τ2' :: 'b
805      AOT_assume «(τ1, τ2)» = «(τ1', τ2')»
806      AOT_hence (τ1 = τ1') & (τ2 = τ2') by (metis "≡dfE" tuple_identity_1)
807      AOT_hence τ1 and τ2 using "t=t-proper:1" "&E" "vdash-properties:10" by blast+
808      AOT_thus «(τ1, τ2)» by (metis "≡dfI" "&I" tuple_denotes)
809    qed
810  }
811next
812  AOT_modally_strict {
813    fix τ τ' :: 'a×'b
814    AOT_show τ = τ'  τ'
815    proof (induct τ; induct τ'; rule "→I")
816      fix τ1 τ1' :: 'a and τ2  τ2' :: 'b
817      AOT_assume «(τ1, τ2)» = «(τ1', τ2')»
818      AOT_hence (τ1 = τ1') & (τ2 = τ2') by (metis "≡dfE" tuple_identity_1)
819      AOT_hence τ1' and τ2' using "t=t-proper:2" "&E" "vdash-properties:10" by blast+
820      AOT_thus «(τ1', τ2')» by (metis "≡dfI" "&I" tuple_denotes)
821    qed
822  }
823qed
824
825(* TODO: this is the end of the "proof by types" and makes the results available on new theorems *)
826AOT_register_type_constraints
827  Term: _::AOT_Term_id› _::AOT_Term_id›
828AOT_register_type_constraints
829  Individual: ‹κ› _::{AOT_κs, AOT_Term_id}
830AOT_register_type_constraints
831  Relation: <_::{AOT_κs, AOT_Term_id}>
832
833AOT_theorem "id-rel-nec-equiv:1": Π = Π'  x1...∀xn ([Π]x1...xn  [Π']x1...xn)
834proof(rule "→I")
835  AOT_assume assumption: Π = Π'
836  AOT_hence Π and Π'
837    using "t=t-proper:1" "t=t-proper:2" MP by blast+
838  moreover AOT_have FG (F = G  ((x1...∀xn ([F]x1...xn  [F]x1...xn))  x1...∀xn ([F]x1...xn  [G]x1...xn)))
839    apply (rule GEN)+ using "l-identity"[axiom_inst] by force
840  ultimately AOT_have Π = Π'  ((x1...∀xn ([Π]x1...xn  [Π]x1...xn))  x1...∀xn ([Π]x1...xn  [Π']x1...xn))
841    using "∀E"(1) by blast
842  AOT_hence (x1...∀xn ([Π]x1...xn  [Π]x1...xn))  x1...∀xn ([Π]x1...xn  [Π']x1...xn)
843    using assumption "→E" by blast
844  moreover AOT_have x1...∀xn ([Π]x1...xn  [Π]x1...xn)
845    by (simp add: RN "oth-class-taut:3:a" "universal-cor")
846  ultimately AOT_show x1...∀xn ([Π]x1...xn  [Π']x1...xn)
847    using "→E" by blast
848qed
849
850AOT_theorem "id-rel-nec-equiv:2": φ = ψ  (φ  ψ)
851proof(rule "→I")
852  AOT_assume assumption: φ = ψ
853  AOT_hence φ and ψ
854    using "t=t-proper:1" "t=t-proper:2" MP by blast+
855  moreover AOT_have pq (p = q  (((p  p)  (p  q))))
856    apply (rule GEN)+ using "l-identity"[axiom_inst] by force
857  ultimately AOT_have φ = ψ  ((φ  φ)  (φ  ψ))
858    using "∀E"(1) by blast
859  AOT_hence (φ  φ)  (φ  ψ)
860    using assumption "→E" by blast
861  moreover AOT_have (φ  φ)
862    by (simp add: RN "oth-class-taut:3:a" "universal-cor")
863  ultimately AOT_show (φ  ψ)
864    using "→E" by blast
865qed
866
867AOT_theorem "rule=E": assumes φ{τ} and τ = σ shows φ{σ}
868proof -
869  AOT_have τ and σ using assms(2) "t=t-proper:1" "t=t-proper:2" "→E" by blast+
870  moreover AOT_have αβ(α = β  (φ{α}  φ{β}))
871    apply (rule GEN)+ using "l-identity"[axiom_inst] by blast
872  ultimately AOT_have τ = σ  (φ{τ}  φ{σ})
873    using "∀E"(1) by blast
874  AOT_thus φ{σ} using assms "→E" by blast
875qed
876
877AOT_theorem "propositions-lemma:1":  φ] = φ
878proof -
879  AOT_have φ by (simp add: "log-prop-prop:2")
880  moreover AOT_have p  p] = p using "lambda-predicates:3[zero]"[axiom_inst] "∀I" by fast
881  ultimately AOT_show  φ] = φ
882    using "∀E" by blast
883qed
884
885AOT_theorem "propositions-lemma:2":  φ]  φ
886proof -
887  AOT_have  φ]   φ] by (simp add: "oth-class-taut:3:a")
888  AOT_thus  φ]  φ using "propositions-lemma:1" "rule=E" by blast
889qed
890
891(* propositions-lemma:3 through propositions-lemma:5 do not apply *)
892
893AOT_theorem "propositions-lemma:6": (φ  ψ)  ( φ]   ψ])
894  by (metis "≡E"(1) "≡E"(5) "Associativity of ≡" "propositions-lemma:2")
895
896(* dr-alphabetic-rules does not apply *)
897
898AOT_theorem "oa-exist:1": O!
899proof -
900  AOT_have x [E!]x] by "cqt:2[lambda]"
901  AOT_hence 1: O! = x [E!]x] using "df-rules-terms[4]"[OF "oa:1", THEN "&E"(1)] "→E" by blast
902  AOT_show O! using "t=t-proper:1"[THEN "→E", OF 1] by simp
903qed
904
905AOT_theorem "oa-exist:2": A!
906proof -
907  AOT_have x ¬[E!]x] by "cqt:2[lambda]"
908  AOT_hence 1: A! = x ¬[E!]x] using "df-rules-terms[4]"[OF "oa:2", THEN "&E"(1)] "→E" by blast
909  AOT_show A! using "t=t-proper:1"[THEN "→E", OF 1] by simp
910qed
911
912AOT_theorem "oa-exist:3": O!x  A!x
913proof(rule "raa-cor:1")
914  AOT_assume ¬(O!x  A!x)
915  AOT_hence A: ¬O!x and B: ¬A!x
916    using "Disjunction Addition"(1) "modus-tollens:1" "∨I"(2) "raa-cor:5" by blast+
917  AOT_have C: O! = x [E!]x]
918    by (rule "df-rules-terms[4]"[OF "oa:1", THEN "&E"(1), THEN "→E"]) "cqt:2[lambda]"
919  AOT_have D: A! = x ¬[E!]x]
920    by (rule "df-rules-terms[4]"[OF "oa:2", THEN "&E"(1), THEN "→E"]) "cqt:2[lambda]"
921  AOT_have E: ¬x [E!]x]x
922    using A C "rule=E" by fast
923  AOT_have F: ¬x ¬[E!]x]x
924    using B D "rule=E" by fast
925  AOT_have G: x [E!]x]x  [E!]x
926    by (rule "lambda-predicates:2"[axiom_inst, THEN "→E"]) "cqt:2[lambda]"
927  AOT_have H: x ¬[E!]x]x  ¬[E!]x
928    by (rule "lambda-predicates:2"[axiom_inst, THEN "→E"]) "cqt:2[lambda]"
929  AOT_show ¬[E!]x & ¬¬[E!]x using G E "≡E" H F "≡E" "&I" by metis
930qed
931
932AOT_theorem "p-identity-thm2:1": F = G  x(x[F]  x[G])
933proof -
934  AOT_have F = G  F & G & x(x[F]  x[G])
935    using "identity:2" "df-rules-formulas[3]" "df-rules-formulas[4]" "→E" "&E" "≡I" "→I" by blast
936  moreover AOT_have F and G
937    by (auto simp: "cqt:2[const_var]"[axiom_inst])
938  ultimately AOT_show F = G  x(x[F]  x[G])
939    using "≡S"(1) "&I" by blast
940qed
941
942AOT_theorem "p-identity-thm2:2[2]": F = G  y1(x [F]xy1] = x [G]xy1] & x [F]y1x] = x [G]y1x])
943proof -
944  AOT_have F = G  F & G & y1(x [F]xy1] = x [G]xy1] & x [F]y1x] = x [G]y1x])
945    using "identity:3[2]" "df-rules-formulas[3]" "df-rules-formulas[4]" "→E" "&E" "≡I" "→I" by blast
946  moreover AOT_have F and G
947    by (auto simp: "cqt:2[const_var]"[axiom_inst])
948  ultimately show ?thesis
949    using "≡S"(1) "&I" by blast
950qed
951    
952AOT_theorem "p-identity-thm2:2[3]": F = G  y1y2(x [F]xy1y2] = x [G]xy1y2] & x [F]y1xy2] = x [G]y1xy2] & x [F]y1y2x] = x [G]y1y2x])
953proof -
954  AOT_have F = G  F & G & y1y2(x [F]xy1y2] = x [G]xy1y2] & x [F]y1xy2] = x [G]y1xy2] & x [F]y1y2x] = x [G]y1y2x])
955    using "identity:3[3]" "df-rules-formulas[3]" "df-rules-formulas[4]" "→E" "&E" "≡I" "→I" by blast
956  moreover AOT_have F and G
957    by (auto simp: "cqt:2[const_var]"[axiom_inst])
958  ultimately show ?thesis
959    using "≡S"(1) "&I" by blast
960qed
961
962AOT_theorem "p-identity-thm2:2[4]": F = G  y1y2y3(x [F]xy1y2y3] = x [G]xy1y2y3] & x [F]y1xy2y3] = x [G]y1xy2y3] & x [F]y1y2xy3] = x [G]y1y2xy3] & x [F]y1y2y3x] = x [G]y1y2y3x])
963proof -
964  AOT_have F = G  F & G & y1y2y3(x [F]xy1y2y3] = x [G]xy1y2y3] & x [F]y1xy2y3] = x [G]y1xy2y3] & x [F]y1y2xy3] = x [G]y1y2xy3] & x [F]y1y2y3x] = x [G]y1y2y3x])
965    using "identity:3[4]" "df-rules-formulas[3]" "df-rules-formulas[4]" "→E" "&E" "≡I" "→I" by blast
966  moreover AOT_have F and G
967    by (auto simp: "cqt:2[const_var]"[axiom_inst])
968  ultimately show ?thesis
969    using "≡S"(1) "&I" by blast
970qed
971
972AOT_theorem "p-identity-thm2:2":
973  F = G  x1...∀xn «AOT_sem_proj_id x1xn (λ τ . «[F]τ») (λ τ . «[G]τ»)»
974proof -
975  AOT_have F = G  F & G & x1...∀xn «AOT_sem_proj_id x1xn (λ τ . «[F]τ») (λ τ . «[G]τ»)»
976    using "identity:3" "df-rules-formulas[3]" "df-rules-formulas[4]" "→E" "&E" "≡I" "→I" by blast
977  moreover AOT_have F and G
978    by (auto simp: "cqt:2[const_var]"[axiom_inst])
979  ultimately show ?thesis
980    using "≡S"(1) "&I" by blast
981qed
982
983AOT_theorem "p-identity-thm2:3":
984  p = q  x p] = x q]
985proof -
986  AOT_have p = q  p & q & x p] = x q]
987    using "identity:4" "df-rules-formulas[3]" "df-rules-formulas[4]" "→E" "&E" "≡I" "→I" by blast
988  moreover AOT_have p and q
989    by (auto simp: "cqt:2[const_var]"[axiom_inst])
990  ultimately show ?thesis
991    using "≡S"(1) "&I" by blast
992qed
993
994class AOT_Term_id_2 = AOT_Term_id + assumes "id-eq:1": [v  α = α]
995
996instance κ :: AOT_Term_id_2
997proof
998  AOT_modally_strict {
999    fix x
1000    {
1001      AOT_assume O!x
1002      moreover AOT_have F([F]x  [F]x)
1003        using RN GEN "oth-class-taut:3:a" by fast
1004      ultimately AOT_have O!x & O!x & F([F]x  [F]x) using "&I" by simp
1005    }
1006    moreover {
1007      AOT_assume A!x
1008      moreover AOT_have F(x[F]  x[F])
1009        using RN GEN "oth-class-taut:3:a" by fast
1010      ultimately AOT_have A!x & A!x & F(x[F]  x[F]) using "&I" by simp
1011    }
1012    ultimately AOT_have (O!x & O!x & F([F]x  [F]x))  (A!x & A!x & F(x[F]  x[F]))
1013      using "oa-exist:3" "∨I"(1) "∨I"(2) "∨E"(3) "raa-cor:1" by blast
1014    AOT_thus x = x
1015      using "identity:1"[THEN "df-rules-formulas[4]"] "→E" by blast
1016  }
1017qed
1018
1019instance rel :: ("{AOT_κs,AOT_Term_id_2}") AOT_Term_id_2
1020proof
1021  AOT_modally_strict {
1022    fix F :: "<'a> AOT_var"
1023    AOT_have 0: x1...xn [F]x1...xn] = F
1024      by (simp add: "lambda-predicates:3"[axiom_inst])
1025    AOT_have x1...xn [F]x1...xn]
1026      by "cqt:2[lambda]"
1027    AOT_hence x1...xn [F]x1...xn] = x1...xn [F]x1...xn]
1028      using "lambda-predicates:1"[axiom_inst] "→E" by blast
1029    AOT_show F = F using "rule=E" 0 by force 
1030  }
1031qed
1032
1033instance 𝗈 :: AOT_Term_id_2
1034proof
1035  AOT_modally_strict {
1036    fix p
1037    AOT_have 0:  p] = p
1038      by (simp add: "lambda-predicates:3[zero]"[axiom_inst])
1039    AOT_have  p]
1040      by (rule "cqt:2[lambda0]"[axiom_inst])
1041    AOT_hence  p] =  p]
1042      using "lambda-predicates:1[zero]"[axiom_inst] "→E" by blast
1043    AOT_show p = p using "rule=E" 0 by force
1044  }
1045qed
1046
1047instance prod :: (AOT_Term_id_2, AOT_Term_id_2) AOT_Term_id_2
1048proof
1049  AOT_modally_strict {
1050    fix α :: ('a×'b) AOT_var›
1051    AOT_show α = α
1052    proof (induct)
1053      AOT_show τ = τ if τ for τ :: 'a×'b
1054        using that
1055      proof (induct τ)
1056        fix τ1 :: 'a and τ2 :: 'b
1057        AOT_assume «(τ1,τ2)»
1058        AOT_hence τ1 and τ2 using "≡dfE" "&E" tuple_denotes by blast+
1059        AOT_hence τ1 = τ1 and τ2 = τ2 using "id-eq:1"[unvarify α] by blast+
1060        AOT_thus «(τ1, τ2)» = «(τ1, τ2)» by (metis "≡dfI" "&I" tuple_identity_1)
1061      qed
1062    qed
1063  }
1064qed
1065
1066AOT_register_type_constraints
1067  Term: _::AOT_Term_id_2› _::AOT_Term_id_2›
1068AOT_register_type_constraints
1069  Individual: ‹κ› _::{AOT_κs, AOT_Term_id_2}
1070AOT_register_type_constraints
1071  Relation: <_::{AOT_κs, AOT_Term_id_2}>
1072
1073(* TODO: Interestingly, this doesn't depend on "id-eq:1" at all! *)
1074AOT_theorem "id-eq:2": α = β  β = α
1075(*
1076  TODO: look at this proof generated using:
1077        including AOT_no_atp sledgehammer[isar_proofs = true]
1078proof -
1079  have "(∃φ. [v ⊨ ~β = α → ~φ] ∧ [v ⊨ α = β → φ]) ∨ (∃φ. ¬ [v ⊨ φ{α} → φ{β}])"
1080    by meson
1081  then show ?thesis
1082    by (meson "contraposition:2" "Hypothetical Syllogism" "deduction-theorem" l_"identity:1" "useful-tautologies:1")
1083qed
1084*)
1085(*  by (meson "rule=E" "deduction-theorem") *)
1086proof (rule "→I")
1087  AOT_assume α = β
1088  moreover AOT_have β = β using calculation "rule=E"[of _ "λ τ . «τ = β»" "AOT_term_of_var α" "AOT_term_of_var β"] by blast
1089  moreover AOT_have α = α  α = α using "if-p-then-p" by blast
1090  ultimately AOT_show β = α
1091    using "→E" "→I" "rule=E"[of _ "λ τ . «(τ = τ)  (τ = α)»" "AOT_term_of_var α" "AOT_term_of_var β"] by blast
1092qed
1093
1094AOT_theorem "id-eq:3": α = β & β = γ  α = γ
1095  using "rule=E" "→I" "&E" by blast
1096
1097AOT_theorem "id-eq:4": α = β  γ (α = γ  β = γ)
1098proof (rule "≡I"; rule "→I")
1099  AOT_assume 0: α = β
1100  AOT_hence 1: β = α using "id-eq:2" "→E" by blast
1101  AOT_show γ (α = γ  β = γ)
1102    by (rule GEN) (metis "≡I" "→I" 0 "1" "rule=E")
1103next
1104  AOT_assume γ (α = γ  β = γ)
1105  AOT_hence α = α  β = α using "∀E"(2) by blast
1106  AOT_hence α = α  β = α using "≡E"(1) "→I" by blast
1107  AOT_hence β = α using "id-eq:1" "→E" by blast
1108  AOT_thus α = β using "id-eq:2" "→E" by blast
1109qed
1110
1111AOT_theorem "rule=I:1": assumes τ shows τ = τ
1112proof -
1113  AOT_have α (α = α)
1114    by (rule GEN) (metis "id-eq:1")
1115  AOT_thus τ = τ using assms "∀E" by blast
1116qed
1117
1118AOT_theorem "rule=I:2[const_var]": "α = α"
1119  using "id-eq:1".
1120
1121AOT_theorem "rule=I:2[lambda]": assumes INSTANCE_OF_CQT_2(φ) shows "ν1...νn φ{ν1...νn}] = ν1...νn φ{ν1...νn}]"
1122proof -
1123  AOT_have α (α = α)
1124    by (rule GEN) (metis "id-eq:1")
1125  moreover AOT_have ν1...νn φ{ν1...νn}] using assms by (rule "cqt:2[lambda]"[axiom_inst])
1126  ultimately AOT_show ν1...νn φ{ν1...νn}] = ν1...νn φ{ν1...νn}] using assms "∀E" by blast
1127qed
1128
1129lemmas "=I" = "rule=I:1" "rule=I:2[const_var]" "rule=I:2[lambda]"
1130
1131AOT_theorem "rule-id-df:1":
1132  assumes τ{α1...αn} =df σ{α1...αn} and σ{τ1...τn}
1133  shows τ{τ1...τn} = σ{τ1...τn}
1134proof -
1135  AOT_have σ{τ1...τn}  τ{τ1...τn} = σ{τ1...τn}
1136    using "df-rules-terms[3]" assms(1) "&E" by blast
1137  AOT_thus τ{τ1...τn} = σ{τ1...τn}
1138    using assms(2) "→E" by blast
1139qed
1140
1141AOT_theorem "rule-id-df:1[zero]":
1142  assumes τ =df σ and σ
1143  shows τ = σ
1144proof -
1145  AOT_have σ  τ = σ
1146    using "df-rules-terms[4]" assms(1) "&E" by blast
1147  AOT_thus τ = σ
1148    using assms(2) "→E" by blast
1149qed
1150
1151AOT_theorem "rule-id-df:2:a":
1152  assumes τ{α1...αn} =df σ{α1...αn} and σ{τ1...τn} and φ{τ{τ1...τn}}
1153  shows φ{σ{τ1...τn}}
1154proof -
1155  AOT_have τ{τ1...τn} = σ{τ1...τn} using "rule-id-df:1" assms(1,2) by blast
1156  AOT_thus φ{σ{τ1...τn}} using assms(3) "rule=E" by blast
1157qed
1158
1159(* TODO: get rid of this, ideally *)
1160AOT_theorem "rule-id-df:2:a[2]":
1161  assumes τ{«(α1,α2)»} =df σ{«(α1,α2)»} and σ{«(τ1,τ2)»} and φ{τ{«(τ1,τ2)»}}
1162  shows φ{σ{«(τ1,τ2)»}}
1163proof -
1164  AOT_have τ{«(τ1,τ2)»} = σ{«(τ1,τ2)»}
1165  proof -
1166    AOT_have σ{«(τ1,τ2)»}  τ{«(τ1,τ2)»} = σ{«(τ1,τ2)»}
1167      using assms by (simp add: AOT_sem_conj AOT_sem_imp AOT_sem_eq AOT_sem_not AOT_sem_denotes AOT_model_id_def) (* NOTE: semantics needed *)
1168    AOT_thus τ{«(τ1,τ2)»} = σ{«(τ1,τ2)»}
1169      using assms(2) "→E" by blast
1170  qed
1171  AOT_thus φ{σ{«(τ1,τ2)»}} using assms(3) "rule=E" by blast
1172qed
1173
1174AOT_theorem "rule-id-df:2:a[zero]":
1175  assumes τ =df σ and σ and φ{τ}
1176  shows φ{σ}
1177proof -
1178  AOT_have τ = σ using "rule-id-df:1[zero]" assms(1,2) by blast
1179  AOT_thus φ{σ} using assms(3) "rule=E" by blast
1180qed
1181
1182lemmas "=dfE" = "rule-id-df:2:a" "rule-id-df:2:a[zero]"
1183
1184AOT_theorem "rule-id-df:2:b":
1185  assumes τ{α1...αn} =df σ{α1...αn} and σ{τ1...τn} and φ{σ{τ1...τn}}
1186  shows φ{τ{τ1...τn}}
1187proof -
1188  AOT_have τ{τ1...τn} = σ{τ1...τn} using "rule-id-df:1" assms(1,2) by blast
1189  AOT_hence σ{τ1...τn} = τ{τ1...τn}
1190    using "rule=E" "=I"(1) "t=t-proper:1" "→E" by fast
1191  AOT_thus φ{τ{τ1...τn}} using assms(3) "rule=E" by blast
1192qed
1193
1194(* TODO: get rid of this, ideally *)
1195AOT_theorem "rule-id-df:2:b[2]":
1196  assumes τ{«(α1,α2)»} =df σ{«(α1,α2)»} and σ{«(τ1,τ2)»} and φ{σ{«(τ1,τ2)»}}
1197  shows φ{τ{«(τ1,τ2)»}}
1198proof -
1199  AOT_have τ{«(τ1,τ2)»} = σ{«(τ1,τ2)»}
1200  proof -
1201    AOT_have σ{«(τ1,τ2)»}  τ{«(τ1,τ2)»} = σ{«(τ1,τ2)»}
1202      using assms by (simp add: AOT_sem_conj AOT_sem_imp AOT_sem_eq AOT_sem_not AOT_sem_denotes AOT_model_id_def) (* NOTE: semantics needed *)
1203    AOT_thus τ{«(τ1,τ2)»} = σ{«(τ1,τ2)»}
1204      using assms(2) "→E" by blast
1205  qed
1206  AOT_hence σ{«(τ1,τ2)»} = τ{«(τ1,τ2)»}
1207    using "rule=E" "=I"(1) "t=t-proper:1" "→E" by fast
1208  AOT_thus φ{τ{«(τ1,τ2)»}} using assms(3) "rule=E" by blast
1209qed
1210
1211AOT_theorem "rule-id-df:2:b[zero]":
1212  assumes τ =df σ and σ and φ{σ}
1213  shows φ{τ}
1214proof -
1215  AOT_have τ = σ using "rule-id-df:1[zero]" assms(1,2) by blast
1216  AOT_hence σ = τ
1217    using "rule=E" "=I"(1) "t=t-proper:1" "→E" by fast
1218  AOT_thus φ{τ} using assms(3) "rule=E" by blast
1219qed
1220
1221lemmas "=dfI" = "rule-id-df:2:b" "rule-id-df:2:b[zero]"
1222
1223AOT_theorem "free-thms:1": τ  β (β = τ)
1224  by (metis "∃E" "rule=I:1" "t=t-proper:2" "→I" "∃I"(1) "≡I" "→E")
1225
1226AOT_theorem "free-thms:2": α φ{α}  (β (β = τ)  φ{τ})
1227  by (metis "∃E" "rule=E" "cqt:2[const_var]"[axiom_inst] "→I" "∀E"(1))
1228
1229AOT_theorem "free-thms:3[const_var]": β (β = α)
1230  by (meson "∃I"(2) "id-eq:1")
1231
1232AOT_theorem "free-thms:3[lambda]": assumes INSTANCE_OF_CQT_2(φ) shows β (β = ν1...νn φ{ν1...νn}])
1233  by (meson "=I"(3) assms "cqt:2[lambda]"[axiom_inst] "existential:1")
1234
1235AOT_theorem "free-thms:4[rel]": ([Π]κ1...κn  κ1...κn[Π])  β (β = Π)
1236  by (metis "rule=I:1" "&E"(1) "∨E"(1) "cqt:5:a"[axiom_inst] "cqt:5:b"[axiom_inst] "→I" "∃I"(1))
1237
1238(* TODO: this is a rather weird way to formulate this and we don't have tuple-existential-elimination
1239         or tuple-equality-elimination in the theory... Splitting them is also a bit unfortunate, though.*)
1240AOT_theorem "free-thms:4[vars]": ([Π]κ1...κn  κ1...κn[Π])  β1...∃βn (β1...βn = κ1...κn)
1241  by (metis "rule=I:1" "&E"(2) "∨E"(1) "cqt:5:a"[axiom_inst] "cqt:5:b"[axiom_inst] "→I" "∃I"(1))
1242
1243AOT_theorem "free-thms:4[1,rel]": ([Π]κ  κ[Π])  β (β = Π)
1244  by (metis "rule=I:1" "&E"(1) "∨E"(1) "cqt:5:a"[axiom_inst] "cqt:5:b"[axiom_inst] "→I" "∃I"(1))
1245AOT_theorem "free-thms:4[1,1]": ([Π]κ  κ[Π])  β (β = κ)
1246  by (metis "rule=I:1" "&E"(2) "∨E"(1) "cqt:5:a"[axiom_inst] "cqt:5:b"[axiom_inst] "→I" "∃I"(1))
1247
1248AOT_theorem "free-thms:4[2,rel]": ([Π]κ1κ2  κ1κ2[Π])  β (β = Π)
1249  by (metis "rule=I:1" "&E"(1) "∨E"(1) "cqt:5:a[2]"[axiom_inst] "cqt:5:b[2]"[axiom_inst] "→I" "∃I"(1))
1250AOT_theorem "free-thms:4[2,1]": ([Π]κ1κ2  κ1κ2[Π])  β (β = κ1)
1251  by (metis "rule=I:1" "&E" "∨E"(1) "cqt:5:a[2]"[axiom_inst] "cqt:5:b[2]"[axiom_inst] "→I" "∃I"(1))
1252AOT_theorem "free-thms:4[2,2]": ([Π]κ1κ2  κ1κ2[Π])  β (β = κ2)
1253  by (metis "rule=I:1" "&E"(2) "∨E"(1) "cqt:5:a[2]"[axiom_inst] "cqt:5:b[2]"[axiom_inst] "→I" "∃I"(1))
1254AOT_theorem "free-thms:4[3,rel]": ([Π]κ1κ2κ3  κ1κ2κ3[Π])  β (β = Π)
1255  by (metis "rule=I:1" "&E"(1) "∨E"(1) "cqt:5:a[3]"[axiom_inst] "cqt:5:b[3]"[axiom_inst] "→I" "∃I"(1))
1256AOT_theorem "free-thms:4[3,1]": ([Π]κ1κ2κ3  κ1κ2κ3[Π])  β (β = κ1)
1257  by (metis "rule=I:1" "&E" "∨E"(1) "cqt:5:a[3]"[axiom_inst] "cqt:5:b[3]"[axiom_inst] "→I" "∃I"(1))
1258AOT_theorem "free-thms:4[3,2]": ([Π]κ1κ2κ3  κ1κ2κ3[Π])  β (β = κ2)
1259  by (metis "rule=I:1" "&E" "∨E"(1) "cqt:5:a[3]"[axiom_inst] "cqt:5:b[3]"[axiom_inst] "→I" "∃I"(1))
1260AOT_theorem "free-thms:4[3,3]": ([Π]κ1κ2κ3  κ1κ2κ3[Π])  β (β = κ3)
1261  by (metis "rule=I:1" "&E"(2) "∨E"(1) "cqt:5:a[3]"[axiom_inst] "cqt:5:b[3]"[axiom_inst] "→I" "∃I"(1))
1262AOT_theorem "free-thms:4[4,rel]": ([Π]κ1κ2κ3κ4  κ1κ2κ3κ4[Π])  β (β = Π)
1263  by (metis "rule=I:1" "&E"(1) "∨E"(1) "cqt:5:a[4]"[axiom_inst] "cqt:5:b[4]"[axiom_inst] "→I" "∃I"(1))
1264AOT_theorem "free-thms:4[4,1]": ([Π]κ1κ2κ3κ4  κ1κ2κ3κ4[Π])  β (β = κ1)
1265  by (metis "rule=I:1" "&E" "∨E"(1) "cqt:5:a[4]"[axiom_inst] "cqt:5:b[4]"[axiom_inst] "→I" "∃I"(1))
1266AOT_theorem "free-thms:4[4,2]": ([Π]κ1κ2κ3κ4  κ1κ2κ3κ4[Π])  β (β = κ2)
1267  by (metis "rule=I:1" "&E" "∨E"(1) "cqt:5:a[4]"[axiom_inst] "cqt:5:b[4]"[axiom_inst] "→I" "∃I"(1))
1268AOT_theorem "free-thms:4[4,3]": ([Π]κ1κ2κ3κ4  κ1κ2κ3κ4[Π])  β (β = κ3)
1269  by (metis "rule=I:1" "&E" "∨E"(1) "cqt:5:a[4]"[axiom_inst] "cqt:5:b[4]"[axiom_inst] "→I" "∃I"(1))
1270AOT_theorem "free-thms:4[4,4]": ([Π]κ1κ2κ3κ4  κ1κ2κ3κ4[Π])  β (β = κ4)
1271  by (metis "rule=I:1" "&E"(2) "∨E"(1) "cqt:5:a[4]"[axiom_inst] "cqt:5:b[4]"[axiom_inst] "→I" "∃I"(1))
1272
1273AOT_theorem "ex:1:a": α α
1274  by (rule GEN) (fact "cqt:2[const_var]"[axiom_inst])
1275AOT_theorem "ex:1:b": αβ(β = α)
1276  by (rule GEN) (fact "free-thms:3[const_var]")
1277
1278AOT_theorem "ex:2:a": α
1279  by (rule RN) (fact "cqt:2[const_var]"[axiom_inst])
1280AOT_theorem "ex:2:b": β(β = α)
1281  by (rule RN) (fact "free-thms:3[const_var]")
1282
1283AOT_theorem "ex:3:a": α α
1284  by (rule RN) (fact "ex:1:a")
1285AOT_theorem "ex:3:b": αβ(β = α)
1286  by (rule RN) (fact "ex:1:b")
1287
1288AOT_theorem "ex:4:a": α α
1289  by (rule GEN; rule RN) (fact "cqt:2[const_var]"[axiom_inst])
1290AOT_theorem "ex:4:b": αβ(β = α)
1291  by (rule GEN; rule RN) (fact "free-thms:3[const_var]")
1292
1293AOT_theorem "ex:5:a": α α
1294  by (rule RN) (simp add: "ex:4:a")
1295AOT_theorem "ex:5:b": αβ(β = α)
1296  by (rule RN) (simp add: "ex:4:b")
1297
1298AOT_theorem "all-self=:1": α(α = α)
1299  by (rule RN; rule GEN) (fact "id-eq:1")
1300AOT_theorem "all-self=:2": α(α = α)
1301  by (rule GEN; rule RN) (fact "id-eq:1")
1302
1303AOT_theorem "id-nec:1": α = β  (α = β)
1304proof(rule "→I")
1305  AOT_assume α = β
1306  moreover AOT_have (α = α)
1307    by (rule RN) (fact "id-eq:1")
1308  ultimately AOT_show (α = β) using "rule=E" by fast
1309qed
1310
1311AOT_theorem "id-nec:2": τ = σ  (τ = σ)
1312proof(rule "→I")
1313  AOT_assume asm: τ = σ
1314  moreover AOT_have τ
1315    using calculation "t=t-proper:1" "→E" by blast
1316  moreover AOT_have (τ = τ)
1317    using calculation "all-self=:2" "∀E"(1) by blast
1318  ultimately AOT_show (τ = σ) using "rule=E" by fast
1319qed
1320
1321AOT_theorem "term-out:1": φ{α}  β (β = α & φ{β})
1322proof (rule "≡I"; rule "→I")
1323  AOT_assume asm: φ{α}
1324  AOT_show β (β = α & φ{β})
1325    by (rule "∃I"(2)[where β=α]; rule "&I")
1326       (auto simp: "id-eq:1" asm)
1327next
1328  AOT_assume 0: β (β = α & φ{β})
1329  (* TODO: have another look at this instantiation. Ideally AOT_obtain would resolve directly to the existential
1330           statement as proof obligation *)
1331  AOT_obtain β where β = α & φ{β} using "instantiation"[rotated, OF 0] by blast
1332  AOT_thus φ{α} using "&E" "rule=E" by blast
1333qed
1334
1335AOT_theorem "term-out:2": τ  (φ{τ}  α(α = τ & φ{α}))
1336proof(rule "→I")
1337  AOT_assume τ
1338  moreover AOT_have α (φ{α}  β (β = α & φ{β}))
1339    by (rule GEN) (fact "term-out:1")
1340  ultimately AOT_show φ{τ}  α(α = τ & φ{α})
1341    using "∀E" by blast
1342qed
1343
1344(* TODO: example of an apply-style proof. Keep or reformulate? *)
1345AOT_theorem "term-out:3": (φ{α} & β(φ{β}  β = α))  β(φ{β}  β = α)
1346  apply (rule "≡I"; rule "→I")
1347   apply (frule "&E"(1)) apply (drule "&E"(2))
1348   apply (rule GEN; rule "≡I"; rule "→I")
1349  using "rule-ui:2[const_var]" "vdash-properties:5" apply blast
1350  apply (meson "rule=E" "id-eq:1")
1351  apply (rule "&I")
1352  using "id-eq:1" "≡E"(2) "rule-ui:3" apply blast
1353  apply (rule GEN; rule "→I")
1354  using "≡E"(1) "rule-ui:2[const_var]" by blast
1355
1356AOT_theorem "term-out:4": (φ{β} & α(φ{α}  α = β))  α(φ{α}  α = β)
1357  using "term-out:3" . (* TODO: same as above - another instance of the generalized alphabetic variant rule... *)
1358
1359(* TODO: would of course be nice to define it without the syntax magic *)
1360AOT_define AOT_exists_unique :: ‹α  φ  φ›
1361  "uniqueness:1": «AOT_exists_unique φ» df α (φ{α} & β (φ{β}  β = α))
1362syntax "_AOT_exists_unique" :: ‹α  φ  φ› ("∃!_ _" [1,40])
1363AOT_syntax_print_translations
1364  "_AOT_exists_unique τ φ" <= "CONST AOT_exists_unique (_abs τ φ)"
1365syntax
1366   "_AOT_exists_unique_ellipse" :: ‹id_position  id_position  φ  φ› (∃!_...∃!_ _› [1,40])
1367parse_ast_translation[(syntax_const‹_AOT_exists_unique_ellipse›, fn ctx => fn [a,b,c] =>
1368  Ast.mk_appl (Ast.Constant "AOT_exists_unique") [parseEllipseList "_AOT_vars" ctx [a,b],c]),
1369(syntax_const‹_AOT_exists_unique›,AOT_restricted_binder const_name‹AOT_exists_unique› const_syntax‹AOT_conj›)]
1370print_translationAOT_syntax_print_translations
1371  [AOT_preserve_binder_abs_tr' const_syntax‹AOT_exists_unique› syntax_const‹_AOT_exists_unique› (syntax_const‹_AOT_exists_unique_ellipse›, true) const_name‹AOT_conj›,
1372  AOT_binder_trans @{theory} @{binding "AOT_exists_unique_binder"} syntax_const‹_AOT_exists_unique›]
1373
1374
1375
1376context AOT_meta_syntax
1377begin
1378notation AOT_exists_unique (binder "!" 20)
1379end
1380context AOT_no_meta_syntax
1381begin
1382no_notation AOT_exists_unique (binder "!" 20)
1383end
1384
1385AOT_theorem "uniqueness:2": ∃!α φ{α}  αβ(φ{β}  β = α)
1386proof(rule "≡I"; rule "→I")
1387    AOT_assume ∃!α φ{α}
1388    AOT_hence α (φ{α} & β (φ{β}  β = α))
1389      using "uniqueness:1" "≡dfE" by blast
1390    then AOT_obtain α where φ{α} & β (φ{β}  β = α) using "instantiation"[rotated] by blast
1391    AOT_hence β(φ{β}  β = α) using "term-out:3" "≡E" by blast
1392    AOT_thus αβ(φ{β}  β = α)
1393      using "∃I" by fast
1394next
1395    AOT_assume αβ(φ{β}  β = α)
1396    then AOT_obtain α where β (φ{β}  β = α) using "instantiation"[rotated] by blast
1397    AOT_hence φ{α} & β (φ{β}  β = α) using "term-out:3" "≡E" by blast
1398    AOT_hence α (φ{α} & β (φ{β}  β = α))
1399      using "∃I" by fast
1400    AOT_thus ∃!α φ{α}
1401      using "uniqueness:1" "≡dfI" by blast
1402qed
1403
1404AOT_theorem "uni-most": ∃!α φ{α}  βγ((φ{β} & φ{γ})  β = γ)
1405proof(rule "→I"; rule GEN; rule GEN; rule "→I")
1406  fix β γ
1407  AOT_assume ∃!α φ{α}
1408  AOT_hence αβ(φ{β}  β = α)
1409    using "uniqueness:2" "≡E" by blast
1410  then AOT_obtain α where β(φ{β}  β = α)
1411    using "instantiation"[rotated] by blast
1412  moreover AOT_assume φ{β} & φ{γ}
1413  ultimately AOT_have β = α and γ = α
1414    using "∀E"(2) "&E" "≡E"(1,2) by blast+
1415  AOT_thus β = γ
1416    by (metis "rule=E" "id-eq:2" "→E")
1417qed
1418
1419AOT_theorem "nec-exist-!": α(φ{α}  φ{α})  (∃!α φ{α}  ∃!α φ{α})
1420proof (rule "→I"; rule "→I")
1421  AOT_assume a: α(φ{α}  φ{α})
1422  AOT_assume ∃!α φ{α}
1423  AOT_hence α (φ{α} & β (φ{β}  β = α)) using "uniqueness:1" "≡dfE" by blast
1424  then AOT_obtain α where ξ: φ{α} & β (φ{β}  β = α) using "instantiation"[rotated] by blast
1425  AOT_have φ{α}
1426    using ξ a "&E" "∀E" "→E" by fast
1427  moreover AOT_have β (φ{β}  β = α)
1428    apply (rule GEN; rule "→I")
1429    using ξ[THEN "&E"(2), THEN "∀E"(2), THEN "→E"] "qml:2"[axiom_inst, THEN "→E"] by blast
1430  ultimately AOT_have (φ{α} & β (φ{β}  β = α))
1431    using "&I" by blast
1432  AOT_thus ∃!α φ{α}
1433    using "uniqueness:1" "≡dfI" "∃I" by fast
1434qed
1435
1436subsection‹The Theory of Actuality and Descriptions›
1437text‹\label{PLM: 9.8}›
1438
1439AOT_theorem "act-cond": 𝒜(φ  ψ)  (𝒜φ  𝒜ψ)
1440  using "→I" "≡E"(1) "logic-actual-nec:2"[axiom_inst] by blast
1441
1442AOT_theorem "nec-imp-act": φ  𝒜φ
1443  by (metis "act-cond" "contraposition:1[2]" "≡E"(4) "qml:2"[THEN act_closure, axiom_inst] "qml-act:2"[axiom_inst] RAA(1) "→E" "→I")
1444
1445AOT_theorem "act-conj-act:1": 𝒜(𝒜φ  φ)
1446  using "→I" "≡E"(2) "logic-actual-nec:2"[axiom_inst] "logic-actual-nec:4"[axiom_inst] by blast
1447
1448AOT_theorem "act-conj-act:2": 𝒜(φ  𝒜φ)
1449  by (metis "→I" "≡E"(2, 4) "logic-actual-nec:2"[axiom_inst] "logic-actual-nec:4"[axiom_inst] RAA(1))
1450
1451AOT_theorem "act-conj-act:3": (𝒜φ & 𝒜ψ)  𝒜(φ & ψ)
1452proof -
1453  AOT_have (φ  (ψ  (φ & ψ)))
1454    by (rule RN) (fact Adjunction)
1455  AOT_hence 𝒜(φ  (ψ  (φ & ψ)))
1456    using "nec-imp-act" "→E" by blast
1457  AOT_hence 𝒜φ  𝒜(ψ  (φ & ψ))
1458    using "act-cond" "→E" by blast
1459  moreover AOT_have 𝒜(ψ  (φ & ψ))  (𝒜ψ  𝒜(φ & ψ))
1460    by (fact "act-cond")
1461  ultimately AOT_have 𝒜φ  (𝒜ψ  𝒜(φ & ψ))
1462    using "→I" "→E" by metis
1463  AOT_thus (𝒜φ & 𝒜ψ)  𝒜(φ & ψ)
1464    by (metis Importation "→E")
1465qed
1466
1467AOT_theorem "act-conj-act:4": 𝒜(𝒜φ  φ)
1468proof -
1469  AOT_have (𝒜(𝒜φ  φ) & 𝒜(φ  𝒜φ))  𝒜((𝒜φ  φ) & (φ  𝒜φ))
1470    by (fact "act-conj-act:3")
1471  moreover AOT_have 𝒜(𝒜φ  φ) & 𝒜(φ  𝒜φ)
1472    using "&I" "act-conj-act:1" "act-conj-act:2" by simp
1473  ultimately AOT_have ζ: 𝒜((𝒜φ  φ) & (φ  𝒜φ))
1474    using "→E" by blast
1475  AOT_have 𝒜(((𝒜φ  φ) & (φ  𝒜φ))  (𝒜φ  φ))
1476    using "conventions:3"[THEN "df-rules-formulas[2]", THEN act_closure, axiom_inst] by blast
1477  AOT_hence 𝒜((𝒜φ  φ) & (φ  𝒜φ))  𝒜(𝒜φ  φ)
1478    using "act-cond" "→E" by blast
1479  AOT_thus 𝒜(𝒜φ  φ) using ζ "→E" by blast
1480qed
1481
1482(* TODO: consider introducing AOT_inductive *)
1483inductive arbitrary_actualization for φ where
1484  arbitrary_actualization φ «𝒜φ»
1485| arbitrary_actualization φ «𝒜ψ» if arbitrary_actualization φ ψ
1486declare arbitrary_actualization.cases[AOT] arbitrary_actualization.induct[AOT]
1487        arbitrary_actualization.simps[AOT] arbitrary_actualization.intros[AOT]
1488syntax arbitrary_actualization :: ‹φ'  φ'  AOT_prop› ("ARBITRARY'_ACTUALIZATION'(_,_')")
1489
1490notepad
1491begin
1492  AOT_modally_strict {
1493    fix φ
1494    AOT_have ARBITRARY_ACTUALIZATION(𝒜φ  φ, 𝒜(𝒜φ  φ))
1495      using AOT_PLM.arbitrary_actualization.intros by metis
1496    AOT_have ARBITRARY_ACTUALIZATION(𝒜φ  φ, 𝒜𝒜(𝒜φ  φ))
1497      using AOT_PLM.arbitrary_actualization.intros by metis
1498    AOT_have ARBITRARY_ACTUALIZATION(𝒜φ  φ, 𝒜𝒜𝒜(𝒜φ  φ))
1499      using AOT_PLM.arbitrary_actualization.intros by metis
1500  }
1501end
1502
1503
1504AOT_theorem "closure-act:1": assumes ARBITRARY_ACTUALIZATION(𝒜φ  φ, ψ) shows ψ
1505using assms proof(induct)
1506  case 1
1507  AOT_show 𝒜(𝒜φ  φ)
1508    by (simp add: "act-conj-act:4")
1509next
1510  case (2 ψ)
1511  AOT_thus 𝒜ψ
1512    by (metis arbitrary_actualization.simps "≡E"(1) "logic-actual-nec:4"[axiom_inst])
1513qed
1514
1515AOT_theorem "closure-act:2": α 𝒜(𝒜φ{α}  φ{α})
1516  by (simp add: "act-conj-act:4" "∀I")
1517
1518AOT_theorem "closure-act:3": 𝒜α 𝒜(𝒜φ{α}  φ{α})
1519  by (metis (no_types, lifting) "act-conj-act:4" "≡E"(1,2) "logic-actual-nec:3"[axiom_inst] "logic-actual-nec:4"[axiom_inst] "∀I")
1520
1521AOT_theorem "closure-act:4": 𝒜α1...∀αn 𝒜(𝒜φ{α1...αn}  φ{α1...αn})
1522  using "closure-act:3" .
1523
1524(* TODO: examine these proofs *)
1525AOT_act_theorem "RA[1]": assumes  φ shows  𝒜φ
1526  ― ‹While this proof is rejected in PLM, we merely state it as modally-fragile rule, which addresses the concern in PLM.›
1527  using "¬¬E" assms "≡E"(3) "logic-actual"[act_axiom_inst] "logic-actual-nec:1"[axiom_inst] "modus-tollens:2" by blast
1528AOT_theorem "RA[2]": assumes  φ shows  𝒜φ
1529  ― ‹This rule is in fact a consequence of RN and does not require an appeal to the semantics itself.›
1530  using RN assms "nec-imp-act" "vdash-properties:5" by blast
1531AOT_theorem "RA[3]": assumes Γ  φ shows 𝒜Γ  𝒜φ
1532  text‹While this is derivable from the semantics, it is not derivable without,
1533       but apparently no proof actually relies on it. If this turns out to be required,
1534       it is valid to derive it from the semantics just like RN, but we refrain from doing
1535       so, unless necessary.›
1536 (*  using assms by (meson AOT_sem_act imageI) *)
1537  oops
1538
1539AOT_act_theorem "ANeg:1": ¬𝒜φ  ¬φ
1540  by (simp add: "RA[1]" "contraposition:1[1]" "deduction-theorem" "≡I" "logic-actual"[act_axiom_inst])
1541
1542AOT_act_theorem "ANeg:2": ¬𝒜¬φ  φ
1543  using "ANeg:1" "≡I" "≡E"(5) "useful-tautologies:1" "useful-tautologies:2" by blast
1544
1545AOT_theorem "Act-Basic:1": 𝒜φ  𝒜¬φ
1546  by (meson "∨I"(1,2) "≡E"(2) "logic-actual-nec:1"[axiom_inst] "raa-cor:1")
1547
1548AOT_theorem "Act-Basic:2": 𝒜(φ & ψ)  (𝒜φ & 𝒜ψ)
1549proof (rule "≡I"; rule "→I")
1550  AOT_assume 𝒜(φ & ψ)
1551  moreover AOT_have 𝒜((φ & ψ)  φ)
1552    by (simp add: "RA[2]" "Conjunction Simplification"(1))
1553  moreover AOT_have 𝒜((φ & ψ)  ψ)
1554    by (simp add: "RA[2]" "Conjunction Simplification"(2))
1555  ultimately AOT_show 𝒜φ & 𝒜ψ
1556    using "act-cond"[THEN "→E", THEN "→E"] "&I" by metis
1557next
1558  AOT_assume 𝒜φ & 𝒜ψ
1559  AOT_thus 𝒜(φ & ψ)
1560    using "act-conj-act:3" "vdash-properties:6" by blast
1561qed
1562
1563AOT_theorem "Act-Basic:3": 𝒜(φ  ψ)  (𝒜(φ  ψ) & 𝒜(ψ  φ))
1564proof (rule "≡I"; rule "→I")
1565  AOT_assume 𝒜(φ  ψ)
1566  moreover AOT_have 𝒜((φ  ψ)  (φ  ψ))
1567    by (simp add: "RA[2]" "deduction-theorem" "≡E"(1))
1568  moreover AOT_have 𝒜((φ  ψ)  (ψ  φ))
1569    by (simp add: "RA[2]" "deduction-theorem" "≡E"(2))
1570  ultimately AOT_show 𝒜(φ  ψ) & 𝒜(ψ  φ)
1571    using "act-cond"[THEN "→E", THEN "→E"] "&I" by metis
1572next
1573  AOT_assume 𝒜(φ  ψ) & 𝒜(ψ  φ)
1574  AOT_hence 𝒜((φ  ψ) & (ψ  φ))
1575    by (metis "act-conj-act:3" "vdash-properties:10")
1576  moreover AOT_have 𝒜(((φ  ψ) & (ψ  φ))  (φ  ψ))
1577    by (simp add: "conventions:3" "RA[2]" "df-rules-formulas[2]" "vdash-properties:1[2]")
1578  ultimately AOT_show 𝒜(φ  ψ)
1579    using "act-cond"[THEN "→E", THEN "→E"] by metis
1580qed
1581
1582AOT_theorem "Act-Basic:4": (𝒜(φ  ψ) & 𝒜(ψ  φ))  (𝒜φ  𝒜ψ)
1583proof (rule "≡I"; rule "→I")
1584  AOT_assume 0: 𝒜(φ  ψ) & 𝒜(ψ  φ)
1585  AOT_show 𝒜φ  𝒜ψ
1586    using 0 "&E" "act-cond"[THEN "→E", THEN "→E"] "≡I" "→I" by metis
1587next
1588  AOT_assume 𝒜φ  𝒜ψ
1589  AOT_thus 𝒜(φ  ψ) & 𝒜(ψ  φ)
1590    by (metis "→I" "logic-actual-nec:2"[axiom_inst] "≡E"(1,2) "&I")
1591qed
1592
1593AOT_theorem "Act-Basic:5": 𝒜(φ  ψ)  (𝒜φ  𝒜ψ)
1594  using "Act-Basic:3" "Act-Basic:4" "≡E"(5) by blast
1595
1596AOT_theorem "Act-Basic:6": 𝒜φ  𝒜φ
1597  by (simp add: "≡I" "qml:2"[axiom_inst] "qml-act:1"[axiom_inst])
1598
1599AOT_theorem "Act-Basic:7": 𝒜φ  𝒜φ
1600  by (metis "Act-Basic:6" "→I" "→E" "≡E"(1,2) "nec-imp-act" "qml-act:2"[axiom_inst])
1601
1602AOT_theorem "Act-Basic:8": φ  𝒜φ
1603  using "Hypothetical Syllogism" "nec-imp-act" "qml-act:1"[axiom_inst] by blast
1604
1605AOT_theorem "Act-Basic:9": 𝒜(φ  ψ)  (𝒜φ  𝒜ψ)
1606proof (rule "≡I"; rule "→I")
1607  AOT_assume 𝒜(φ  ψ)
1608  AOT_thus 𝒜φ  𝒜ψ
1609  proof (rule "raa-cor:3")
1610    AOT_assume ¬(𝒜φ  𝒜ψ)
1611    AOT_hence ¬𝒜φ & ¬𝒜ψ
1612      by (metis "≡E"(1) "oth-class-taut:5:d")
1613    AOT_hence 𝒜¬φ & 𝒜¬ψ
1614      using "logic-actual-nec:1"[axiom_inst, THEN "≡E"(2)] "&E" "&I" by metis
1615    AOT_hence 𝒜(¬φ & ¬ψ)
1616      using "≡E" "Act-Basic:2" by metis
1617    moreover AOT_have 𝒜((¬φ & ¬ψ)  ¬(φ  ψ))
1618      using "RA[2]" "≡E"(6) "oth-class-taut:3:a" "oth-class-taut:5:d" by blast
1619    moreover AOT_have 𝒜(¬φ & ¬ψ)  𝒜(¬(φ  ψ))
1620      using calculation(2) by (metis "Act-Basic:5" "≡E"(1))
1621    ultimately AOT_have 𝒜(¬(φ  ψ)) using "≡E" by blast
1622    AOT_thus ¬𝒜(φ  ψ)
1623      using "logic-actual-nec:1"[axiom_inst, THEN "≡E"(1)] by auto
1624  qed
1625next
1626  AOT_assume 𝒜φ  𝒜ψ
1627  AOT_thus 𝒜(φ  ψ)
1628    by (meson "RA[2]" "act-cond" "∨I"(1) "∨E"(1) "Disjunction Addition"(1) "Disjunction Addition"(2))
1629qed
1630
1631AOT_theorem "Act-Basic:10": 𝒜α φ{α}  α 𝒜φ{α}
1632proof -
1633  AOT_have θ: ¬𝒜α ¬φ{α}  ¬α 𝒜¬φ{α}
1634    by (rule "oth-class-taut:4:b"[THEN "≡E"(1)])
1635       (metis "logic-actual-nec:3"[axiom_inst])
1636  AOT_have ξ: ¬α 𝒜¬φ{α}  ¬α ¬𝒜φ{α}
1637    by (rule "oth-class-taut:4:b"[THEN "≡E"(1)])
1638       (rule "logic-actual-nec:1"[THEN universal_closure, axiom_inst, THEN "cqt-basic:3"[THEN "→E"]])
1639  AOT_have 𝒜(α φ{α})  𝒜(¬α ¬φ{α})
1640    using "conventions:4"[THEN "df-rules-formulas[1]", THEN act_closure, axiom_inst]
1641          "conventions:4"[THEN "df-rules-formulas[2]", THEN act_closure, axiom_inst]
1642    "Act-Basic:4"[THEN "≡E"(1)] "&I" "Act-Basic:5"[THEN "≡E"(2)] by metis
1643  also AOT_have   ¬𝒜α ¬φ{α}
1644    by (simp add: "logic-actual-nec:1" "vdash-properties:1[2]")
1645  also AOT_have   ¬α 𝒜 ¬φ{α} using θ by blast
1646  also AOT_have   ¬α ¬𝒜 φ{α} using ξ by blast
1647  also AOT_have   α 𝒜 φ{α}
1648    using "conventions:4"[THEN "≡Df"] by (metis "≡E"(6) "oth-class-taut:3:a")
1649  finally AOT_show 𝒜α φ{α}  α 𝒜φ{α} .
1650qed
1651
1652
1653AOT_theorem "Act-Basic:11": 𝒜α(φ{α}  ψ{α})  α(𝒜φ{α}  𝒜ψ{α})
1654proof(rule "≡I"; rule "→I")
1655  AOT_assume 𝒜α(φ{α}  ψ{α})
1656  AOT_hence α𝒜(φ{α}  ψ{α})
1657    using "logic-actual-nec:3"[axiom_inst, THEN "≡E"(1)] by blast
1658  AOT_hence 𝒜(φ{α}  ψ{α}) for α using "∀E" by blast
1659  AOT_hence 𝒜φ{α}  𝒜ψ{α} for α by (metis "Act-Basic:5" "≡E"(1))
1660  AOT_thus α(𝒜φ{α}  𝒜ψ{α}) by (rule "∀I")
1661next
1662  AOT_assume α(𝒜φ{α}  𝒜ψ{α})
1663  AOT_hence 𝒜φ{α}  𝒜ψ{α} for α using "∀E" by blast
1664  AOT_hence 𝒜(φ{α}  ψ{α}) for α by (metis "Act-Basic:5" "≡E"(2))
1665  AOT_hence α 𝒜(φ{α}  ψ{α}) by (rule "∀I")
1666  AOT_thus 𝒜α(φ{α}  ψ{α})
1667    using "logic-actual-nec:3"[axiom_inst, THEN "≡E"(2)] by fast
1668qed
1669
1670AOT_act_theorem "act-quant-uniq": β(𝒜φ{β}  β = α)  β(φ{β}  β = α)
1671proof(rule "≡I"; rule "→I")
1672  AOT_assume β(𝒜φ{β}  β = α)
1673  AOT_hence 𝒜φ{β}  β = α for β using "∀E" by blast
1674  AOT_hence φ{β}  β = α for β
1675    using "≡I" "→I" "RA[1]" "≡E"(1) "≡E"(2) "logic-actual"[act_axiom_inst] "vdash-properties:6"
1676    by metis
1677  AOT_thus β(φ{β}  β = α) by (rule "∀I")
1678next
1679  AOT_assume β(φ{β}  β = α)
1680  AOT_hence φ{β}  β = α for β using "∀E" by blast
1681  AOT_hence 𝒜φ{β}  β = α for β
1682    using "≡I" "→I" "RA[1]" "≡E"(1) "≡E"(2) "logic-actual"[act_axiom_inst] "vdash-properties:6"
1683    by metis
1684  AOT_thus β(𝒜φ{β}  β = α) by (rule "∀I")
1685qed
1686
1687AOT_act_theorem "fund-cont-desc": x = ιx(φ{x})  z(φ{z}  z = x)
1688  using descriptions[axiom_inst] "act-quant-uniq" "≡E"(5) by fast
1689
1690AOT_act_theorem hintikka: x = ιx(φ{x})  (φ{x} & z (φ{z}  z = x))
1691  using "Commutativity of ≡"[THEN "≡E"(1)] "term-out:3" "fund-cont-desc" "≡E"(5) by blast
1692
1693
1694locale russel_axiom =
1695  fixes ψ
1696  assumes ψ_denotes_asm: "[v  ψ{κ}]  [v  κ]"
1697begin
1698AOT_act_theorem "russell-axiom": ψ{ιx φ{x}}  x(φ{x} & z(φ{z}  z = x) & ψ{x})
1699proof -
1700  AOT_have b: x (x = ιx φ{x}  (φ{x} & z(φ{z}  z = x)))
1701    using hintikka "∀I" by fast
1702  show ?thesis
1703  proof(rule "≡I"; rule "→I")
1704    AOT_assume c: ψ{ιx φ{x}}
1705    AOT_hence d: ιx φ{x} using ψ_denotes_asm by blast
1706    AOT_hence y (y = ιx φ{x}) by (metis "rule=I:1" "existential:1")
1707    then AOT_obtain a where a_def: a = ιx φ{x} using "instantiation"[rotated] by blast
1708    moreover AOT_have a = ιx φ{x}  (φ{a} & z(φ{z}  z = a)) using b "∀E" by blast
1709    ultimately AOT_have φ{a} & z(φ{z}  z = a) using "≡E" by blast
1710    moreover AOT_have ψ{a}
1711    proof - 
1712      AOT_have 1: xy(x = y  y = x)
1713        by (simp add: "id-eq:2" "universal-cor")
1714      AOT_have a = ιx φ{x}   ιx φ{x} = a
1715        by (rule "∀E"(1)[where τ="«ιx φ{x}»"]; rule "∀E"(2)[where β=a])
1716           (auto simp: 1 d "universal-cor")
1717      AOT_thus ψ{a}
1718        using a_def c "rule=E" "→E" by blast
1719    qed
1720    ultimately AOT_have φ{a} & z(φ{z}  z = a) & ψ{a} by (rule "&I")
1721    AOT_thus x(φ{x} & z(φ{z}  z = x) & ψ{x}) by (rule "∃I")
1722  next
1723    AOT_assume x(φ{x} & z(φ{z}  z = x) & ψ{x})
1724    then AOT_obtain b where g: φ{b} & z(φ{z}  z = b) & ψ{b} using "instantiation"[rotated] by blast
1725    AOT_hence h: b = ιx φ{x}  (φ{b} & z(φ{z}  z = b)) using b "∀E" by blast
1726    AOT_have φ{b} & z(φ{z}  z = b) and j: ψ{b} using g "&E" by blast+
1727    AOT_hence b = ιx φ{x} using h "≡E" by blast
1728    AOT_thus ψ{ιx φ{x}} using j "rule=E" by blast
1729  qed
1730qed
1731end
1732
1733(* TODO: this nicely shows off using locales with the embedding, but maybe there is still a nicer way *)
1734(* TODO: sledgehammer tends to refer to ψ_denotes_asm in these instantiation instead of referring
1735         to cqt:5:a - should be fixed *)
1736interpretation "russell-axiom[exe,1]": russel_axiom λ κ . «[Π]κ»
1737  by standard (metis "cqt:5:a[1]"[axiom_inst, THEN "→E"] "&E"(2))
1738interpretation "russell-axiom[exe,2,1,1]": russel_axiom λ κ . «[Π]κκ'»
1739  by standard (metis "cqt:5:a[2]"[axiom_inst, THEN "→E"] "&E")
1740interpretation "russell-axiom[exe,2,1,2]": russel_axiom λ κ . «[Π]κ'κ»
1741  by standard (metis "cqt:5:a[2]"[axiom_inst, THEN "→E"] "&E"(2))
1742interpretation "russell-axiom[exe,2,2]": russel_axiom λ κ . «[Π]κκ»
1743  by standard (metis "cqt:5:a[2]"[axiom_inst, THEN "→E"] "&E"(2))
1744interpretation "russell-axiom[exe,3,1,1]": russel_axiom λ κ . «[Π]κκ'κ''»
1745  by standard (metis "cqt:5:a[3]"[axiom_inst, THEN "→E"] "&E")
1746interpretation "russell-axiom[exe,3,1,2]": russel_axiom λ κ . «[Π]κ'κκ''»
1747  by standard (metis "cqt:5:a[3]"[axiom_inst, THEN "→E"] "&E")
1748interpretation "russell-axiom[exe,3,1,3]": russel_axiom λ κ . «[Π]κ'κ''κ»
1749  by standard (metis "cqt:5:a[3]"[axiom_inst, THEN "→E"] "&E"(2))
1750interpretation "russell-axiom[exe,3,2,1]": russel_axiom λ κ . «[Π]κκκ'»
1751  by standard (metis "cqt:5:a[3]"[axiom_inst, THEN "→E"] "&E")
1752interpretation "russell-axiom[exe,3,2,2]": russel_axiom λ κ . «[Π]κκ'κ»
1753  by standard (metis "cqt:5:a[3]"[axiom_inst, THEN "→E"] "&E"(2))
1754interpretation "russell-axiom[exe,3,2,3]": russel_axiom λ κ . «[Π]κ'κκ»
1755  by standard (metis "cqt:5:a[3]"[axiom_inst, THEN "→E"] "&E"(2))
1756interpretation "russell-axiom[exe,3,3]": russel_axiom λ κ . «[Π]κκκ»
1757  by standard (metis "cqt:5:a[3]"[axiom_inst, THEN "→E"] "&E"(2))
1758
1759interpretation "russell-axiom[enc,1]": russel_axiom λ κ . «κ[Π]»
1760  by standard (metis "cqt:5:b[1]"[axiom_inst, THEN "→E"] "&E"(2))
1761interpretation "russell-axiom[enc,2,1]": russel_axiom λ κ . «κκ'[Π]»
1762  by standard (metis "cqt:5:b[2]"[axiom_inst, THEN "→E"] "&E")
1763interpretation "russell-axiom[enc,2,2]": russel_axiom λ κ . «κ'κ[Π]»
1764  by standard (metis "cqt:5:b[2]"[axiom_inst, THEN "→E"] "&E"(2))
1765interpretation "russell-axiom[enc,2,3]": russel_axiom λ κ . «κκ[Π]»
1766  by standard (metis "cqt:5:b[2]"[axiom_inst, THEN "→E"] "&E"(2))
1767interpretation "russell-axiom[enc,3,1,1]": russel_axiom λ κ . «κκ'κ''[Π]»
1768  by standard (metis "cqt:5:b[3]"[axiom_inst, THEN "→E"] "&E")
1769interpretation "russell-axiom[enc,3,1,2]": russel_axiom λ κ . «κ'κκ''[Π]»
1770  by standard (metis "cqt:5:b[3]"[axiom_inst, THEN "→E"] "&E")
1771interpretation "russell-axiom[enc,3,1,3]": russel_axiom λ κ . «κ'κ''κ[Π]»
1772  by standard (metis "cqt:5:b[3]"[axiom_inst, THEN "→E"] "&E"(2))
1773interpretation "russell-axiom[enc,3,2,1]": russel_axiom λ κ . «κκκ'[Π]»
1774  by standard (metis "cqt:5:b[3]"[axiom_inst, THEN "→E"] "&E")
1775interpretation "russell-axiom[enc,3,2,2]": russel_axiom λ κ . «κκ'κ[Π]»
1776  by standard (metis "cqt:5:b[3]"[axiom_inst, THEN "→E"] "&E"(2))
1777interpretation "russell-axiom[enc,3,2,3]": russel_axiom λ κ . «κ'κκ[Π]»
1778  by standard (metis "cqt:5:b[3]"[axiom_inst, THEN "→E"] "&E"(2))
1779interpretation "russell-axiom[enc,3,3]": russel_axiom λ κ . «κκκ[Π]»
1780  by standard (metis "cqt:5:b[3]"[axiom_inst, THEN "→E"] "&E"(2))
1781
1782AOT_act_theorem "1-exists:1": ιx φ{x}  ∃!x φ{x}
1783proof(rule "≡I"; rule "→I")
1784  AOT_assume ιx φ{x}
1785  AOT_hence y (y = ιx φ{x}) by (metis "rule=I:1" "existential:1")
1786  then AOT_obtain a where a = ιx φ{x} using "instantiation"[rotated] by blast
1787  AOT_hence φ{a} & z (φ{z}  z = a) using hintikka "≡E" by blast
1788  AOT_hence x (φ{x} & z (φ{z}  z = x)) by (rule "∃I")
1789  AOT_thus ∃!x φ{x} using "uniqueness:1"[THEN "≡dfI"] by blast
1790next
1791  AOT_assume ∃!x φ{x}
1792  AOT_hence x (φ{x} & z (φ{z}  z = x))
1793    using "uniqueness:1"[THEN "≡dfE"] by blast
1794  then AOT_obtain b where φ{b} & z (φ{z}  z = b) using "instantiation"[rotated] by blast
1795  AOT_hence b = ιx φ{x} using hintikka "≡E" by blast
1796  AOT_thus ιx φ{x} by (metis "t=t-proper:2" "vdash-properties:6")
1797qed
1798
1799AOT_act_theorem "1-exists:2": y(y=ιx φ{x})  ∃!x φ{x}
1800  using "1-exists:1" "free-thms:1" "≡E"(6) by blast
1801
1802AOT_act_theorem "y-in:1": x = ιx φ{x}  φ{x}
1803  using "&E"(1) "→I" hintikka "≡E"(1) by blast
1804
1805AOT_act_theorem "y-in:2": z = ιx φ{x}  φ{z} using "y-in:1". (* TODO: same as above *)
1806
1807AOT_act_theorem "y-in:3": ιx φ{x}  φ{ιx φ{x}}
1808proof(rule "→I")
1809  AOT_assume ιx φ{x}
1810  AOT_hence y (y = ιx φ{x}) by (metis "rule=I:1" "existential:1")
1811  then AOT_obtain a where a = ιx φ{x} using "instantiation"[rotated] by blast
1812  moreover AOT_have φ{a} using calculation hintikka "≡E"(1) "&E" by blast
1813  ultimately AOT_show φ{ιx φ{x}} using "rule=E" by blast
1814qed
1815
1816AOT_act_theorem "y-in:4": y (y = ιx φ{x})  φ{ιx φ{x}}
1817  using "y-in:3"[THEN "→E"] "free-thms:1"[THEN "≡E"(2)] "→I" by blast
1818
1819
1820AOT_theorem "act-quant-nec": β (𝒜φ{β}  β = α)  β(𝒜𝒜φ{β}  β = α)
1821proof(rule "≡I"; rule "→I")
1822  AOT_assume β (𝒜φ{β}  β = α)
1823  AOT_hence 𝒜φ{β}  β = α for β using "∀E" by blast
1824  AOT_hence 𝒜𝒜φ{β}  β = α for β 
1825    by (metis "Act-Basic:5" "act-conj-act:4" "≡E"(1) "≡E"(5))
1826  AOT_thus β(𝒜𝒜φ{β}  β = α)
1827    by (rule "∀I")
1828next
1829  AOT_assume β(𝒜𝒜φ{β}  β = α)
1830  AOT_hence 𝒜𝒜φ{β}  β = α for β using "∀E" by blast
1831  AOT_hence 𝒜φ{β}  β = α for β
1832    by (metis "Act-Basic:5" "act-conj-act:4" "≡E"(1) "≡E"(6))
1833  AOT_thus β (𝒜φ{β}  β = α)
1834    by (rule "∀I")
1835qed
1836
1837AOT_theorem "equi-desc-descA:1": x = ιx φ{x}  x = ιx(𝒜φ{x})
1838proof -
1839  AOT_have x = ιx φ{x}  z (𝒜φ{z}  z = x)  using descriptions[axiom_inst] by blast
1840  also AOT_have ...  z (𝒜𝒜φ{z}  z = x)
1841  proof(rule "≡I"; rule "→I"; rule "∀I")
1842    AOT_assume z (𝒜φ{z}  z = x)
1843    AOT_hence 𝒜φ{a}  a = x for a using "∀E" by blast
1844    AOT_thus 𝒜𝒜φ{a}  a = x for a by (metis "Act-Basic:5" "act-conj-act:4" "≡E"(1) "≡E"(5))
1845  next
1846    AOT_assume z (𝒜𝒜φ{z}  z = x)
1847    AOT_hence 𝒜𝒜φ{a}  a = x for a using "∀E" by blast
1848    AOT_thus 𝒜φ{a}  a = x for a  by (metis "Act-Basic:5" "act-conj-act:4" "≡E"(1) "≡E"(6))
1849  qed
1850  also AOT_have ...  x = ιx(𝒜φ{x})
1851    using "Commutativity of ≡"[THEN "≡E"(1)] descriptions[axiom_inst] by fast
1852  finally show ?thesis .
1853qed
1854
1855AOT_theorem "equi-desc-descA:2": ιx φ{x}  ιx φ{x} = ιx(𝒜φ{x})
1856proof(rule "→I")
1857  AOT_assume ιx φ{x}
1858  AOT_hence y (y = ιx φ{x}) by (metis "rule=I:1" "existential:1")
1859  then AOT_obtain a where a = ιx φ{x} using "instantiation"[rotated] by blast
1860  moreover AOT_have a = ιx(𝒜φ{x}) using calculation "equi-desc-descA:1"[THEN "≡E"(1)] by blast
1861  ultimately AOT_show ιx φ{x} = ιx(𝒜φ{x}) using "rule=E" by fast
1862qed
1863
1864AOT_theorem "nec-hintikka-scheme": x = ιx φ{x}  𝒜φ{x} & z(𝒜φ{z}  z = x)
1865proof -
1866  AOT_have x = ιx φ{x}  z(𝒜φ{z}  z = x) using descriptions[axiom_inst] by blast
1867  also AOT_have   (𝒜φ{x} & z(𝒜φ{z}  z = x))
1868    using "Commutativity of ≡"[THEN "≡E"(1)] "term-out:3" by fast
1869  finally show ?thesis.
1870qed
1871
1872AOT_theorem "equiv-desc-eq:1": 𝒜x(φ{x}  ψ{x})  x (x = ιx φ{x}  x = ιx ψ{x})
1873proof(rule "→I"; rule "∀I")
1874  fix β
1875  AOT_assume 𝒜x(φ{x}  ψ{x})
1876  AOT_hence 𝒜(φ{x}  ψ{x}) for x using "logic-actual-nec:3"[axiom_inst, THEN "≡E"(1)] "∀E"(2) by blast
1877  AOT_hence 0: 𝒜φ{x}  𝒜ψ{x} for x by (metis "Act-Basic:5" "≡E"(1))
1878  AOT_have β = ιx φ{x}  𝒜φ{β} & z(𝒜φ{z}  z = β) using "nec-hintikka-scheme" by blast
1879  also AOT_have ...  𝒜ψ{β} & z(𝒜ψ{z}  z = β)
1880  proof (rule "≡I"; rule "→I")
1881    AOT_assume 1: 𝒜φ{β} & z(𝒜φ{z}  z = β)
1882    AOT_hence 𝒜φ{z}  z = β for z using "&E" "∀E" by blast
1883    AOT_hence 𝒜ψ{z}  z = β for z using 0 "≡E" "→I" "→E" by metis
1884    AOT_hence z(𝒜ψ{z}  z = β) using "∀I" by fast
1885    moreover AOT_have 𝒜ψ{β} using "&E" 0[THEN "≡E"(1)] 1 by blast
1886    ultimately AOT_show 𝒜ψ{β} & z(𝒜ψ{z}  z = β) using "&I" by blast
1887  next
1888    AOT_assume 1: 𝒜ψ{β} & z(𝒜ψ{z}  z = β)
1889    AOT_hence 𝒜ψ{z}  z = β for z using "&E" "∀E" by blast
1890    AOT_hence 𝒜φ{z}  z = β for z using 0 "≡E" "→I" "→E" by metis
1891    AOT_hence z(𝒜φ{z}  z = β) using "∀I" by fast
1892    moreover AOT_have 𝒜φ{β} using "&E" 0[THEN "≡E"(2)] 1 by blast
1893    ultimately AOT_show 𝒜φ{β} & z(𝒜φ{z}  z = β) using "&I" by blast
1894  qed
1895  also AOT_have ...  β = ιx ψ{x}
1896    using "Commutativity of ≡"[THEN "≡E"(1)] "nec-hintikka-scheme" by blast
1897  finally AOT_show β = ιx φ{x}  β = ιx ψ{x} .
1898qed
1899
1900AOT_theorem "equiv-desc-eq:2": ιx φ{x} & 𝒜x(φ{x}  ψ{x})  ιx φ{x} = ιx ψ{x}
1901proof(rule "→I")
1902  AOT_assume ιx φ{x} & 𝒜x(φ{x}  ψ{x})
1903  AOT_hence 0: y (y = ιx φ{x}) and
1904            1: x (x = ιx φ{x}  x = ιx ψ{x})
1905    using "&E" "free-thms:1"[THEN "≡E"(1)] "equiv-desc-eq:1" "→E" by blast+
1906  then AOT_obtain a where a = ιx φ{x} using "instantiation"[rotated] by blast
1907  moreover AOT_have a = ιx ψ{x} using calculation 1 "∀E" "≡E"(1) by fast
1908  ultimately AOT_show ιx φ{x} = ιx ψ{x}
1909    using "rule=E" by fast
1910qed
1911
1912AOT_theorem "equiv-desc-eq:3": ιx φ{x} & x(φ{x}  ψ{x})  ιx φ{x} = ιx ψ{x}
1913  using "→I" "equiv-desc-eq:2"[THEN "→E", OF "&I"] "&E" "nec-imp-act"[THEN "→E"] by metis
1914
1915(* Note: this is a special case of "exist-nec" *)
1916AOT_theorem "equiv-desc-eq:4": ιx φ{x}  ιx φ{x}
1917proof(rule "→I")
1918  AOT_assume ιx φ{x}
1919  AOT_hence y (y = ιx φ{x}) by (metis "rule=I:1" "existential:1")
1920  then AOT_obtain a where a = ιx φ{x} using "instantiation"[rotated] by blast
1921  AOT_thus ιx φ{x}
1922    using "ex:2:a" "rule=E" by fast
1923qed
1924
1925AOT_theorem "equiv-desc-eq:5": ιx φ{x}  y (y = ιx φ{x})
1926proof(rule "→I")
1927  AOT_assume ιx φ{x}
1928  AOT_hence y (y = ιx φ{x}) by (metis "rule=I:1" "existential:1")
1929  then AOT_obtain a where a = ιx φ{x} using "instantiation"[rotated] by blast
1930  AOT_hence (a = ιx φ{x}) by (metis "id-nec:2" "vdash-properties:10")
1931  AOT_thus y (y = ιx φ{x}) by (rule "∃I")
1932qed
1933
1934AOT_act_theorem "equiv-desc-eq2:1": x (φ{x}  ψ{x})  x (x = ιx φ{x}  x = ιx ψ{x})
1935  using "→I" "logic-actual"[act_axiom_inst, THEN "→E"] "equiv-desc-eq:1"[THEN "→E"]
1936        "RA[1]" "deduction-theorem" by blast
1937
1938AOT_act_theorem "equiv-desc-eq2:2": ιx φ{x} & x (φ{x}  ψ{x})  ιx φ{x} = ιx ψ{x}
1939  using "→I" "logic-actual"[act_axiom_inst, THEN "→E"] "equiv-desc-eq:2"[THEN "→E", OF "&I"]
1940        "RA[1]" "deduction-theorem" "&E" by metis
1941
1942context russel_axiom
1943begin
1944AOT_theorem "nec-russell-axiom": ψ{ιx φ{x}}  x(𝒜φ{x} & z(𝒜φ{z}  z = x) & ψ{x})
1945proof -
1946  AOT_have b: x (x = ιx φ{x}  (𝒜φ{x} & z(𝒜φ{z}  z = x)))
1947    using "nec-hintikka-scheme" "∀I" by fast
1948  show ?thesis
1949  proof(rule "≡I"; rule "→I")
1950    AOT_assume c: ψ{ιx φ{x}}
1951    AOT_hence d: ιx φ{x} using ψ_denotes_asm by blast
1952    AOT_hence y (y = ιx φ{x}) by (metis "rule=I:1" "existential:1")
1953    then AOT_obtain a where a_def: a = ιx φ{x} using "instantiation"[rotated] by blast
1954    moreover AOT_have a = ιx φ{x}  (𝒜φ{a} & z(𝒜φ{z}  z = a)) using b "∀E" by blast
1955    ultimately AOT_have 𝒜φ{a} & z(𝒜φ{z}  z = a) using "≡E" by blast
1956    moreover AOT_have ψ{a}
1957    proof - 
1958      AOT_have 1: xy(x = y  y = x)
1959        by (simp add: "id-eq:2" "universal-cor")
1960      AOT_have a = ιx φ{x}   ιx φ{x} = a
1961        by (rule "∀E"(1)[where τ="«ιx φ{x}»"]; rule "∀E"(2)[where β=a])
1962           (auto simp: d "universal-cor" 1)
1963      AOT_thus ψ{a}
1964        using a_def c "rule=E" "→E" by metis
1965    qed
1966    ultimately AOT_have 𝒜φ{a} & z(𝒜φ{z}  z = a) & ψ{a} by (rule "&I")
1967    AOT_thus x(𝒜φ{x} & z(𝒜φ{z}  z = x) & ψ{x}) by (rule "∃I")
1968  next
1969    AOT_assume x(𝒜φ{x} & z(𝒜φ{z}  z = x) & ψ{x})
1970    then AOT_obtain b where g: 𝒜φ{b} & z(𝒜φ{z}  z = b) & ψ{b} using "instantiation"[rotated] by blast
1971    AOT_hence h: b = ιx φ{x}  (𝒜φ{b} & z(𝒜φ{z}  z = b)) using b "∀E" by blast
1972    AOT_have 𝒜φ{b} & z(𝒜φ{z}  z = b) and j: ψ{b} using g "&E" by blast+
1973    AOT_hence b = ιx φ{x} using h "≡E" by blast
1974    AOT_thus ψ{ιx φ{x}} using j "rule=E" by blast
1975  qed
1976qed
1977end
1978
1979AOT_theorem "actual-desc:1": ιx φ{x}  ∃!x 𝒜φ{x}
1980proof (rule "≡I"; rule "→I")
1981  AOT_assume ιx φ{x}
1982  AOT_hence y (y = ιx φ{x}) by (metis "rule=I:1" "existential:1")
1983  then AOT_obtain a where a = ιx φ{x} using "instantiation"[rotated] by blast
1984  moreover AOT_have a = ιx φ{x}  z(𝒜φ{z}  z = a)
1985    using descriptions[axiom_inst] by blast
1986  ultimately AOT_have z(𝒜φ{z}  z = a)
1987    using "≡E" by blast
1988  AOT_hence xz(𝒜φ{z}  z = x) by (rule "∃I")
1989  AOT_thus ∃!x 𝒜φ{x}
1990    using "uniqueness:2"[THEN "≡E"(2)] by fast
1991next
1992  AOT_assume ∃!x 𝒜φ{x}
1993  AOT_hence xz(𝒜φ{z}  z = x)
1994    using "uniqueness:2"[THEN "≡E"(1)] by fast
1995  then AOT_obtain a where z(𝒜φ{z}  z = a) using "instantiation"[rotated] by blast
1996  moreover AOT_have a = ιx φ{x}  z(𝒜φ{z}  z = a)
1997    using descriptions[axiom_inst] by blast
1998  ultimately AOT_have a = ιx φ{x} using "≡E" by blast
1999  AOT_thus ιx φ{x} by (metis "t=t-proper:2" "vdash-properties:6")
2000qed
2001
2002AOT_theorem "actual-desc:2": x = ιx φ{x}  𝒜φ{x}
2003  using "&E"(1) "contraposition:1[2]" "≡E"(1) "nec-hintikka-scheme" "reductio-aa:2" "vdash-properties:9" by blast
2004
2005AOT_theorem "actual-desc:3": z = ιx φ{x}  𝒜φ{z}
2006  using "actual-desc:2". (* TODO: same as above *)
2007
2008AOT_theorem "actual-desc:4": ιx φ{x}  𝒜φ{ιx φ{x}}
2009proof(rule "→I")
2010  AOT_assume ιx φ{x}
2011  AOT_hence y (y = ιx φ{x}) by (metis "rule=I:1" "existential:1")
2012  then AOT_obtain a where a = ιx φ{x} using "instantiation"[rotated] by blast
2013  AOT_thus 𝒜φ{ιx φ{x}}
2014    using "actual-desc:2" "rule=E" "→E" by fast
2015qed
2016
2017(* TODO: take another look at proof in PLM *)
2018AOT_theorem "actual-desc:5": ιx φ{x} = ιx ψ{x}  𝒜x(φ{x}  ψ{x})
2019proof(rule "→I")
2020  AOT_assume 0: ιx φ{x} = ιx ψ{x}
2021  AOT_hence φ_down: ιx φ{x} and ψ_down: ιx ψ{x}
2022    using "t=t-proper:1" "t=t-proper:2" "vdash-properties:6" by blast+
2023  AOT_hence y (y = ιx φ{x}) and y (y = ιx ψ{x}) by (metis "rule=I:1" "existential:1")+
2024  then AOT_obtain a and b where a_eq: a = ιx φ{x} and b_eq: b = ιx ψ{x}
2025    using "instantiation"[rotated] by metis
2026
2027  AOT_have αβ (α = β  β = α) by (rule "∀I"; rule "∀I"; rule "id-eq:2")
2028  AOT_hence β (ιx φ{x} = β  β = ιx φ{x})
2029    using "∀E" φ_down by blast
2030  AOT_hence ιx φ{x} = ιx ψ{x}  ιx ψ{x} = ιx φ{x}
2031    using "∀E" ψ_down by blast
2032  AOT_hence 1: ιx ψ{x} = ιx φ{x} using 0
2033    "→E" by blast
2034
2035  AOT_have 𝒜φ{x}  𝒜ψ{x} for x
2036  proof(rule "≡I"; rule "→I")
2037    AOT_assume 𝒜φ{x}
2038    moreover AOT_have 𝒜φ{x}  x = a for x
2039      using "nec-hintikka-scheme"[THEN "≡E"(1), OF a_eq, THEN "&E"(2)] "∀E" by blast
2040    ultimately AOT_have x = a using "→E" by blast
2041    AOT_hence x = ιx φ{x} using a_eq "rule=E" by blast
2042    AOT_hence x = ιx ψ{x} using 0 "rule=E" by blast
2043    AOT_thus 𝒜ψ{x} by (metis "actual-desc:3" "vdash-properties:6")
2044  next
2045    AOT_assume 𝒜ψ{x}
2046    moreover AOT_have 𝒜ψ{x}  x = b for x
2047      using "nec-hintikka-scheme"[THEN "≡E"(1), OF b_eq, THEN "&E"(2)] "∀E" by blast
2048    ultimately AOT_have x = b using "→E" by blast
2049    AOT_hence x = ιx ψ{x} using b_eq "rule=E" by blast
2050    AOT_hence x = ιx φ{x} using 1 "rule=E" by blast
2051    AOT_thus 𝒜φ{x} by (metis "actual-desc:3" "vdash-properties:6")
2052  qed
2053  AOT_hence 𝒜(φ{x}  ψ{x}) for x by (metis "Act-Basic:5" "≡E"(2))
2054  AOT_hence x 𝒜(φ{x}  ψ{x}) by (rule "∀I")
2055  AOT_thus 𝒜x (φ{x}  ψ{x})
2056    using "logic-actual-nec:3"[axiom_inst, THEN "≡E"(2)] by fast
2057qed    
2058
2059AOT_theorem "!box-desc:1": ∃!x φ{x}  y (y = ιx φ{x}  φ{y})
2060proof(rule "→I")
2061  AOT_assume ∃!x φ{x}
2062  AOT_hence ζ: x (φ{x} & z (φ{z}  z = x))
2063    using "uniqueness:1"[THEN "≡dfE"] by blast
2064  then AOT_obtain b where θ: φ{b} & z (φ{z}  z = b) using "instantiation"[rotated] by blast
2065  AOT_show y (y = ιx φ{x}  φ{y})
2066  proof(rule GEN; rule "→I")
2067    fix y
2068    AOT_assume y = ιx φ{x}
2069    AOT_hence 𝒜φ{y} & z (𝒜φ{z}  z = y) using "nec-hintikka-scheme"[THEN "≡E"(1)] by blast
2070    AOT_hence 𝒜φ{b}  b = y using "&E" "∀E" by blast
2071    moreover AOT_have 𝒜φ{b} using θ[THEN "&E"(1)]  by (metis "nec-imp-act" "→E")
2072    ultimately AOT_have b = y using "→E" by blast
2073    moreover AOT_have φ{b} using θ[THEN "&E"(1)]  by (metis "qml:2"[axiom_inst] "→E") 
2074    ultimately AOT_show φ{y} using "rule=E" by blast
2075  qed
2076qed
2077
2078AOT_theorem "!box-desc:2": x (φ{x}  φ{x})  (∃!x φ{x}  y (y = ιx φ{x}  φ{y}))
2079proof(rule "→I"; rule "→I")
2080  AOT_assume x (φ{x}  φ{x})
2081  moreover AOT_assume ∃!x φ{x}
2082  ultimately AOT_have ∃!x φ{x}
2083    using "nec-exist-!"[THEN "→E", THEN "→E"] by blast
2084  AOT_thus y (y = ιx φ{x}  φ{y})
2085    using "!box-desc:1" "→E" by blast
2086qed
2087
2088AOT_theorem "dr-alphabetic-thm": ιν φ{ν}  ιν φ{ν} = ιμ φ{μ} (* TODO: vacuous *)
2089  by (simp add: "rule=I:1" "→I")
2090
2091subsection‹The Theory of Necessity›
2092text‹\label{PLM: 9.9}›
2093
2094AOT_theorem "RM:1[prem]": assumes Γ  φ  ψ shows Γ  φ  ψ
2095proof -
2096  AOT_have Γ  (φ  ψ) using "RN[prem]" assms by blast
2097  AOT_thus Γ  φ  ψ by (metis "qml:1"[axiom_inst] "→E")
2098qed
2099
2100AOT_theorem "RM:1": assumes  φ  ψ shows  φ  ψ
2101  using "RM:1[prem]" assms by blast
2102
2103lemmas RM = "RM:1"
2104
2105AOT_theorem "RM:2[prem]": assumes Γ  φ  ψ shows Γ  φ  ψ
2106proof -
2107  AOT_have Γ  ¬ψ  ¬φ using assms 
2108    by (simp add: "contraposition:1[1]")
2109  AOT_hence Γ  ¬ψ  ¬φ using "RM:1[prem]" by blast
2110  AOT_thus Γ  φ  ψ
2111    by (meson "≡dfE" "≡dfI" "conventions:5" "deduction-theorem" "modus-tollens:1")
2112qed
2113
2114AOT_theorem "RM:2": assumes  φ  ψ shows  φ  ψ
2115  using "RM:2[prem]" assms by blast
2116
2117lemmas "RM◇" = "RM:2"
2118
2119AOT_theorem "RM:3[prem]": assumes Γ  φ  ψ shows Γ  φ  ψ
2120proof -
2121  AOT_have Γ  φ  ψ and Γ  ψ  φ using assms "≡E" "→I" by metis+
2122  AOT_hence Γ  φ  ψ and Γ  ψ  φ using "RM:1[prem]" by metis+
2123  AOT_thus Γ  φ  ψ
2124    by (simp add: "≡I")
2125qed
2126
2127AOT_theorem "RM:3": assumes  φ  ψ shows  φ  ψ
2128  using "RM:3[prem]" assms by blast
2129
2130lemmas RE = "RM:3"
2131
2132AOT_theorem "RM:4[prem]": assumes Γ  φ  ψ shows Γ  φ  ψ
2133proof -
2134  AOT_have Γ  φ  ψ and Γ  ψ  φ using assms "≡E" "→I" by metis+
2135  AOT_hence Γ  φ  ψ and Γ  ψ  φ using "RM:2[prem]" by metis+
2136  AOT_thus Γ  φ  ψ by (simp add: "≡I")
2137qed
2138
2139AOT_theorem "RM:4": assumes  φ  ψ shows  φ  ψ
2140  using "RM:4[prem]" assms by blast
2141
2142lemmas "RE◇" = "RM:4"
2143
2144AOT_theorem "KBasic:1": φ  (ψ  φ)
2145  by (simp add: RM "pl:1"[axiom_inst])
2146
2147AOT_theorem "KBasic:2": ¬φ  (φ  ψ)
2148  by (simp add: RM "useful-tautologies:3")
2149
2150AOT_theorem "KBasic:3": (φ & ψ)  (φ & ψ)
2151proof (rule "≡I"; rule "→I")
2152  AOT_assume (φ & ψ)
2153  AOT_thus φ & ψ
2154    by (meson RM "&I" "Conjunction Simplification"(1) "Conjunction Simplification"(2) "vdash-properties:6")
2155next
2156  AOT_have φ  (ψ  (φ & ψ)) by (simp add: "RM:1" Adjunction)
2157  AOT_hence φ  (ψ  (φ & ψ))  by (metis "Hypothetical Syllogism" "qml:1"[axiom_inst])
2158  moreover AOT_assume φ & ψ
2159  ultimately AOT_show (φ & ψ)
2160    using "→E" "&E" by blast
2161qed
2162
2163AOT_theorem "KBasic:4": (φ  ψ)  ((φ  ψ) & (ψ  φ))
2164proof -
2165  AOT_have θ: ((φ  ψ) & (ψ  φ))  ((φ  ψ) & (ψ  φ))
2166    by (fact "KBasic:3")
2167  AOT_modally_strict {
2168    AOT_have (φ  ψ)  ((φ  ψ) & (ψ  φ))
2169      by (fact "conventions:3"[THEN "≡Df"])
2170  }
2171  AOT_hence ξ: (φ  ψ)  ((φ  ψ) & (ψ  φ))
2172    by (rule RE)
2173  with ξ and θ AOT_show (φ  ψ)  ((φ  ψ) & (ψ  φ))
2174    using "≡E"(5) by blast
2175qed
2176
2177AOT_theorem "KBasic:5": ((φ  ψ) & (ψ  φ))  (φ  ψ)
2178proof -
2179  AOT_have (φ  ψ)  (φ  ψ)
2180    by (fact "qml:1"[axiom_inst])
2181  moreover AOT_have (ψ  φ)  (ψ  φ)
2182    by (fact "qml:1"[axiom_inst])
2183  ultimately AOT_have ((φ  ψ) & (ψ  φ))  ((φ  ψ) & (ψ  φ))
2184    by (metis "&I" MP "Double Composition")
2185  moreover AOT_have ((φ  ψ) & (ψ  φ))  (φ  ψ)
2186    using "conventions:3"[THEN "≡dfI"] "→I" by blast
2187  ultimately AOT_show ((φ  ψ) & (ψ  φ))  (φ  ψ)
2188    by (metis "Hypothetical Syllogism")
2189qed
2190
2191AOT_theorem "KBasic:6": (φ ψ)  (φ  ψ)
2192  using "KBasic:4" "KBasic:5" "deduction-theorem" "≡E"(1) "vdash-properties:10" by blast
2193AOT_theorem "KBasic:7": ((φ & ψ)  (¬φ & ¬ψ))  (φ  ψ)
2194proof (rule "→I"; drule "∨E"(1); (rule "→I")?)
2195  AOT_assume φ & ψ
2196  AOT_hence φ and ψ using "&E" by blast+
2197  AOT_hence (φ  ψ) and (ψ  φ) using "KBasic:1" "→E" by blast+
2198  AOT_hence (φ  ψ) & (ψ  φ) using "&I" by blast
2199  AOT_thus (φ  ψ)  by (metis "KBasic:4" "≡E"(2))
2200next
2201  AOT_assume ¬φ & ¬ψ
2202  AOT_hence 0: (¬φ & ¬ψ) using "KBasic:3"[THEN "≡E"(2)] by blast
2203  AOT_modally_strict {
2204    AOT_have (¬φ & ¬ψ)  (φ  ψ)
2205      by (metis "&E"(1) "&E"(2) "deduction-theorem" "≡I" "reductio-aa:1")
2206  }
2207  AOT_hence (¬φ & ¬ψ)  (φ  ψ)
2208    by (rule RM)
2209  AOT_thus (φ  ψ) using 0 "→E" by blast
2210qed(auto)
2211
2212AOT_theorem "KBasic:8": (φ & ψ)  (φ  ψ)
2213  by (meson "RM:1" "&E"(1) "&E"(2) "deduction-theorem" "≡I")
2214AOT_theorem "KBasic:9": (¬φ & ¬ψ)  (φ  ψ)
2215  by (metis "RM:1" "&E"(1) "&E"(2) "deduction-theorem" "≡I" "raa-cor:4")
2216AOT_theorem "KBasic:10": φ  ¬¬φ
2217  by (simp add: "RM:3" "oth-class-taut:3:b")
2218AOT_theorem "KBasic:11": ¬φ  ¬φ
2219proof (rule "≡I"; rule "→I")
2220  AOT_show ¬φ if ¬φ
2221    using that "≡dfI" "conventions:5" "KBasic:10" "≡E"(3) by blast
2222next
2223  AOT_show ¬φ if ¬φ
2224    using "≡dfE" "conventions:5" "KBasic:10" "≡E"(4) that by blast
2225qed
2226AOT_theorem "KBasic:12": φ  ¬¬φ
2227proof (rule "≡I"; rule "→I")
2228  AOT_show ¬¬φ if φ
2229    using "¬¬I" "KBasic:11" "≡E"(3) that by blast
2230next
2231  AOT_show φ if ¬¬φ
2232  using "KBasic:11" "≡E"(1) "reductio-aa:1" that by blast
2233qed
2234AOT_theorem "KBasic:13": (φ  ψ)  (φ  ψ)
2235proof -
2236  AOT_have φ  ψ  φ  ψ by blast
2237  AOT_hence (φ  ψ)  φ  ψ
2238    using "RM:2[prem]" by blast
2239  AOT_thus (φ  ψ)  (φ  ψ) using "→I" by blast
2240qed
2241lemmas "K◇" = "KBasic:13"
2242AOT_theorem "KBasic:14": φ  ¬¬φ
2243  by (meson "RE◇" "KBasic:11" "KBasic:12" "≡E"(6) "oth-class-taut:3:a")
2244AOT_theorem "KBasic:15": (φ  ψ)  (φ  ψ)
2245proof -
2246  AOT_modally_strict {
2247    AOT_have φ  (φ  ψ) and ψ  (φ  ψ)
2248      by (auto simp: "Disjunction Addition"(1) "Disjunction Addition"(2))
2249  }
2250  AOT_hence φ  (φ  ψ) and ψ  (φ  ψ)
2251    using RM by blast+
2252  AOT_thus (φ  ψ)  (φ  ψ)
2253    by (metis "∨E"(1) "deduction-theorem")
2254qed
2255
2256AOT_theorem "KBasic:16": (φ & ψ)  (φ & ψ)
2257  by (meson "KBasic:13" "RM:1" Adjunction "Hypothetical Syllogism" Importation "vdash-properties:6")
2258
2259AOT_theorem "rule-sub-lem:1:a":
2260  assumes  (ψ  χ)
2261  shows  ¬ψ  ¬χ
2262  using "qml:2"[axiom_inst, THEN "→E", OF assms]
2263        "≡E"(1) "oth-class-taut:4:b" by blast
2264
2265AOT_theorem "rule-sub-lem:1:b":
2266  assumes  (ψ  χ)
2267  shows  (ψ  Θ)  (χ  Θ)
2268  using "qml:2"[axiom_inst, THEN "→E", OF assms]
2269  using "oth-class-taut:4:c" "vdash-properties:6" by blast
2270
2271AOT_theorem "rule-sub-lem:1:c":
2272  assumes  (ψ  χ)
2273  shows  (Θ  ψ)  (Θ  χ)
2274  using "qml:2"[axiom_inst, THEN "→E", OF assms]
2275  using "oth-class-taut:4:d" "vdash-properties:6" by blast
2276
2277AOT_theorem "rule-sub-lem:1:d":
2278  assumes for arbitrary α:  (ψ{α}  χ{α})
2279  shows  α ψ{α}  α χ{α}
2280proof -
2281  AOT_modally_strict {
2282    AOT_have α (ψ{α}  χ{α})
2283      using "qml:2"[axiom_inst, THEN "→E", OF assms] "∀I" by fast
2284    AOT_hence 0: ψ{α}  χ{α} for α using "∀E" by blast
2285    AOT_show α ψ{α}  α χ{α}
2286    proof (rule "≡I"; rule "→I")
2287      AOT_assume α ψ{α}
2288      AOT_hence ψ{α} for α using "∀E" by blast
2289      AOT_hence χ{α} for α using 0 "≡E" by blast
2290      AOT_thus α χ{α} by (rule "∀I")
2291    next
2292      AOT_assume α χ{α}
2293      AOT_hence χ{α} for α using "∀E" by blast
2294      AOT_hence ψ{α} for α using 0 "≡E" by blast
2295      AOT_thus α ψ{α} by (rule "∀I")
2296    qed
2297  }
2298qed
2299
2300AOT_theorem "rule-sub-lem:1:e":
2301  assumes  (ψ  χ)
2302  shows   ψ]   χ]
2303  using "qml:2"[axiom_inst, THEN "→E", OF assms]
2304  using "≡E"(1) "propositions-lemma:6" by blast
2305
2306AOT_theorem "rule-sub-lem:1:f":
2307  assumes  (ψ  χ)
2308  shows  𝒜ψ  𝒜χ
2309  using "qml:2"[axiom_inst, THEN "→E", OF assms, THEN "RA[2]"]
2310  by (metis "Act-Basic:5" "≡E"(1))
2311
2312AOT_theorem "rule-sub-lem:1:g":
2313  assumes  (ψ  χ)
2314  shows  ψ  χ
2315  using "KBasic:6" assms "vdash-properties:6" by blast
2316
2317text‹Note that instead of deriving @{text "rule-sub-lem:2"}, @{text "rule-sub-lem:3"}, @{text "rule-sub-lem:4"},
2318     and @{text "rule-sub-nec"}, we construct substitution methods instead.›
2319
2320class AOT_subst =
2321  fixes AOT_subst :: "('a  𝗈)  bool"
2322    and AOT_subst_cond :: "'a  'a  bool"
2323  assumes AOT_subst: "AOT_subst φ  AOT_subst_cond ψ χ  [v  «φ ψ»  «φ χ»]"
2324
2325named_theorems AOT_substI
2326
2327instantiation 𝗈 :: AOT_subst
2328begin
2329
2330inductive AOT_subst_𝗈 where
2331  AOT_subst_𝗈_id[AOT_substI]: "AOT_subst_𝗈 (λφ. φ)"
2332| AOT_subst_𝗈_const[AOT_substI]: "AOT_subst_𝗈 (λφ. ψ)"
2333| AOT_subst_𝗈_not[AOT_substI]: "AOT_subst_𝗈 Θ  AOT_subst_𝗈 (λ φ. «¬Θ{φ}»)"
2334| AOT_subst_𝗈_imp[AOT_substI]: "AOT_subst_𝗈 Θ  AOT_subst_𝗈 Ξ  AOT_subst_𝗈 (λ φ. «Θ{φ}  Ξ{φ}»)"
2335| AOT_subst_𝗈_lambda0[AOT_substI]: "AOT_subst_𝗈 Θ  AOT_subst_𝗈 (λ φ. (AOT_lambda0 (Θ φ)))"
2336| AOT_subst_𝗈_act[AOT_substI]: "AOT_subst_𝗈 Θ  AOT_subst_𝗈 (λ φ. «𝒜Θ{φ}»)"
2337| AOT_subst_𝗈_box[AOT_substI]: "AOT_subst_𝗈 Θ  AOT_subst_𝗈 (λ φ. «Θ{φ}»)"
2338| AOT_subst_𝗈_by_def[AOT_substI]: "( ψ . AOT_model_equiv_def (Θ ψ) (Ξ ψ))  AOT_subst_𝗈 Ξ  AOT_subst_𝗈 Θ"
2339
2340definition AOT_subst_cond_𝗈 where "AOT_subst_cond_𝗈  λ ψ χ .  v . [v  ψ  χ]"
2341
2342instance
2343proof
2344  fix ψ χ :: 𝗈 and φ :: ‹𝗈  𝗈›
2345  assume cond: ‹AOT_subst_cond ψ χ
2346  assume ‹AOT_subst φ
2347  moreover AOT_have  ψ  χ using cond unfolding AOT_subst_cond_𝗈_def by blast
2348  ultimately AOT_show  φ{ψ}  φ{χ}
2349  proof (induct arbitrary: ψ χ)
2350    case AOT_subst_𝗈_id
2351    thus ?case using "≡E"(2) "oth-class-taut:4:b" "rule-sub-lem:1:a" by blast
2352  next
2353    case (AOT_subst_𝗈_const ψ)
2354    thus ?case by (simp add: "oth-class-taut:3:a")
2355  next
2356    case (AOT_subst_𝗈_not Θ)
2357    thus ?case by (simp add: RN "rule-sub-lem:1:a")
2358  next
2359    case (AOT_subst_𝗈_imp Θ Ξ)
2360    thus ?case by (meson RN "≡E"(5) "rule-sub-lem:1:b" "rule-sub-lem:1:c")
2361  next
2362    case (AOT_subst_𝗈_lambda0 Θ)
2363    thus ?case by (simp add: RN "rule-sub-lem:1:e")
2364  next
2365    case (AOT_subst_𝗈_act Θ)
2366    thus ?case by (simp add: RN "rule-sub-lem:1:f")
2367  next
2368    case (AOT_subst_𝗈_box Θ)
2369    thus ?case by (simp add: RN "rule-sub-lem:1:g")
2370  next
2371    case (AOT_subst_𝗈_by_def Θ Ξ)
2372    AOT_modally_strict {
2373      AOT_have Ξ{ψ}  Ξ{χ} using AOT_subst_𝗈_by_def by simp
2374      AOT_thus Θ{ψ}  Θ{χ}
2375        using "≡Df"[OF AOT_subst_𝗈_by_def(1), of _ ψ] "≡Df"[OF AOT_subst_𝗈_by_def(1), of _ χ]
2376        by (metis "≡E"(6) "oth-class-taut:3:a")
2377    }
2378  qed
2379qed
2380end
2381
2382instantiation "fun" :: (AOT_Term_id_2, AOT_subst) AOT_subst
2383begin
2384
2385definition AOT_subst_cond_fun :: "('a  'b)  ('a  'b)  bool" where
2386  "AOT_subst_cond_fun  λ φ ψ .  α . AOT_subst_cond (φ (AOT_term_of_var α)) (ψ (AOT_term_of_var α))"
2387
2388inductive AOT_subst_fun :: "(('a  'b)  𝗈)  bool" where
2389  AOT_subst_fun_const[AOT_substI]: "AOT_subst_fun (λφ. ψ)"
2390| AOT_subst_fun_id[AOT_substI]: "AOT_subst Ψ  AOT_subst_fun (λφ. Ψ (φ (AOT_term_of_var α)))"
2391| AOT_subst_fun_all[AOT_substI]: "AOT_subst Ψ  ( α . AOT_subst_fun (Θ (AOT_term_of_var α)))  AOT_subst_fun (λφ :: 'a  'b. Ψ «α «Θ (α::'a) φ»»)"
2392| AOT_subst_fun_not[AOT_substI]: "AOT_subst Ψ  AOT_subst_fun (λφ. «¬«Ψ φ»»)"
2393| AOT_subst_fun_imp[AOT_substI]: "AOT_subst Ψ  AOT_subst Θ  AOT_subst_fun (λφ. ««Ψ φ»  «Θ φ»»)"
2394| AOT_subst_fun_lambda0[AOT_substI]: "AOT_subst Θ  AOT_subst_fun (λ φ. (AOT_lambda0 (Θ φ)))"
2395| AOT_subst_fun_act[AOT_substI]: "AOT_subst Θ  AOT_subst_fun (λ φ. «𝒜«Θ φ»»)"
2396| AOT_subst_fun_box[AOT_substI]: "AOT_subst Θ  AOT_subst_fun (λ φ. ««Θ φ»»)"
2397| AOT_subst_fun_def[AOT_substI]: "( φ . AOT_model_equiv_def (Θ φ) (Ψ φ))  AOT_subst_fun Ψ  AOT_subst_fun Θ"
2398
2399instance proof
2400  fix ψ χ :: "'a  'b" and φ :: ('a  'b)  𝗈›
2401  assume ‹AOT_subst φ
2402  moreover assume cond: ‹AOT_subst_cond ψ χ
2403  ultimately AOT_show  «φ ψ»  «φ χ»
2404  proof(induct)
2405    case (AOT_subst_fun_const ψ)
2406    then show ?case by (simp add: "oth-class-taut:3:a")
2407  next
2408  case (AOT_subst_fun_id Ψ x)
2409  then show ?case by (simp add: AOT_subst AOT_subst_cond_fun_def) 
2410  next
2411  next
2412  case (AOT_subst_fun_all Ψ Θ)
2413  AOT_have  (Θ{α, «ψ»}  Θ{α, «χ»}) for α
2414    using AOT_subst_fun_all.hyps(3) AOT_subst_fun_all.prems RN by presburger
2415  thus ?case using AOT_subst[OF AOT_subst_fun_all(1)]
2416    by (simp add: RN "rule-sub-lem:1:d" AOT_subst_cond_fun_def AOT_subst_cond_𝗈_def)
2417  next
2418  case (AOT_subst_fun_not Ψ)
2419  then show ?case by (simp add: RN "rule-sub-lem:1:a")
2420  next
2421  case (AOT_subst_fun_imp Ψ Θ)
2422  then show ?case 
2423    unfolding AOT_subst_cond_fun_def AOT_subst_cond_𝗈_def
2424    by (meson "≡E"(5) "oth-class-taut:4:c" "oth-class-taut:4:d" "vdash-properties:6")
2425  next
2426  case (AOT_subst_fun_lambda0 Θ)
2427  then show ?case by (simp add: RN "rule-sub-lem:1:e")
2428  next
2429  case (AOT_subst_fun_act Θ)
2430  then show ?case by (simp add: RN "rule-sub-lem:1:f")
2431  next
2432  case (AOT_subst_fun_box Θ)
2433  then show ?case by (simp add: RN "rule-sub-lem:1:g")
2434  next
2435  case (AOT_subst_fun_def Θ Ψ)
2436  then show ?case
2437    by (meson "df-rules-formulas[3]" "df-rules-formulas[4]" "≡I" "≡E"(5))
2438  qed
2439qed
2440end
2441
2442ML2443fun prove_AOT_subst_tac ctxt = REPEAT (SUBGOAL (fn (trm,_) => let
2444          fun findHeadConst (Const x) = SOME x
2445            | findHeadConst (A $ _) = findHeadConst A
2446            | findHeadConst _ = NONE
2447          fun findDef (Const (const_name‹AOT_model_equiv_def›, _) $ lhs $ _) = findHeadConst lhs
2448            | findDef (A $ B) = (case findDef A of SOME x => SOME x | _ => findDef B)
2449            | findDef (Abs (_,_,c)) = findDef c
2450            | findDef _ = NONE
2451          val const_opt = (findDef trm)
2452          val defs = case const_opt of SOME const => List.filter (fn thm => let
2453              val concl = Thm.concl_of thm
2454              val thmconst = (findDef concl)
2455              in case thmconst of SOME (c,_) => fst const = c | _ => false end) (AOT_Definitions.get ctxt)
2456              | _ => []
2457          val tac = case defs of [] => safe_step_tac (ctxt addSIs @{thms AOT_substI}) 1
2458                    | _ => resolve_tac ctxt defs 1
2459        in tac end) 1)
2460fun getSubstThm ctxt reversed phi p q = let
2461val p_ty = Term.type_of p
2462val abs = HOLogic.mk_Trueprop (@{const AOT_subst(_)} $ phi)
2463val abs = Syntax.check_term ctxt abs
2464val substThm = Goal.prove ctxt [] [] abs (fn {context=ctxt, prems=_} => prove_AOT_subst_tac ctxt)
2465val substThm = substThm RS @{thm AOT_subst}
2466in if reversed then let
2467  val substThm = Drule.instantiate_normalize ([],[((("χ", 0), p_ty), Thm.cterm_of ctxt p),
2468          ((("ψ", 0), p_ty), Thm.cterm_of ctxt q)]) substThm
2469  val substThm = substThm RS @{thm "≡E"(1)}
2470  in substThm end
2471else
2472  let
2473  val substThm = Drule.instantiate_normalize ([],[((("ψ", 0), p_ty), Thm.cterm_of ctxt p),
2474          ((("χ", 0), p_ty), Thm.cterm_of ctxt q)]) substThm
2475  val substThm = substThm RS @{thm "≡E"(2)}
2476  in substThm end end
2477
2478
2479method_setup AOT_subst = 2480Scan.option (Scan.lift (Args.parens (Args.$$$ "reverse"))) --
2481Scan.lift (Args.embedded_inner_syntax -- Args.embedded_inner_syntax
2482) -- Scan.option (Scan.lift (Args.$$$ "for" -- Args.colon) |-- Scan.repeat1 (Scan.lift (Args.embedded_inner_syntax) -- Scan.option (Scan.lift (Args.$$$ "::" |-- Args.embedded_inner_syntax))))
2483>> (fn ((reversed,(raw_p,raw_q)),raw_bounds) => (fn ctxt =>
2484(Method.SIMPLE_METHOD (Subgoal.FOCUS (fn {context = ctxt, params = _, prems = prems, asms = asms, concl = concl, schematics = _} =>
2485let
2486val thms = prems
2487val ctxt' = ctxt
2488val ctxt = Context_Position.set_visible false ctxt
2489val raw_bounds = case raw_bounds of SOME bounds => bounds | _ => []
2490
2491val ctxt = (fold (fn (bound, ty) => fn ctxt =>
2492  let
2493    val bound = AOT_read_term @{nonterminal τ'} ctxt bound
2494    val ty = Option.map (Syntax.read_typ ctxt) ty
2495    val ctxt = case ty of SOME ty => let
2496        val bound = Const ("_type_constraint_", Type ("fun", [ty,ty])) $ bound
2497        val bound = Syntax.check_term ctxt bound
2498      in Variable.declare_term bound ctxt end | _ => ctxt
2499  in ctxt end)) raw_bounds ctxt
2500
2501val p = AOT_read_term @{nonterminal φ'} ctxt raw_p
2502val p = Syntax.check_term ctxt p
2503val ctxt = Variable.declare_term p ctxt
2504val q = AOT_read_term @{nonterminal φ'} ctxt raw_q
2505val q = Syntax.check_term ctxt q
2506val ctxt = Variable.declare_term q ctxt
2507
2508val bounds = (map (fn (bound, _) => Syntax.check_term ctxt (AOT_read_term @{nonterminal τ'} ctxt bound))) raw_bounds
2509val p = fold (fn bound => fn p => let in Term.abs ("α", Term.type_of bound) (Term.abstract_over (bound,p)) end) bounds p
2510val p = Syntax.check_term ctxt p
2511val p_ty = Term.type_of p
2512
2513val pat = @{const Trueprop} $ (@{const AOT_model_valid_in} $ Var (("w",0), @{typ w}) $ (Var (("φ",0), Type (type_name‹fun›, [p_ty, @{typ 𝗈}])) $ p))
2514val univ = Unify.matchers (Context.Proof ctxt) [(pat, Thm.term_of concl)]
2515val univ = hd (Seq.list_of univ) (* TODO: choose? try all? filter? *)
2516val phi = the (Envir.lookup univ (("φ",0), Type (type_name‹fun›, [p_ty, @{typ 𝗈}])))
2517
2518val q = fold (fn bound => fn q => let in Term.abs ("α", Term.type_of bound) (Term.abstract_over (bound,q)) end) bounds q
2519val q = Syntax.check_term ctxt q
2520
2521(* Reparse to report bounds as fixes. *)
2522val ctxt = Context_Position.restore_visible ctxt' ctxt
2523val ctxt' = ctxt
2524fun unsource str = fst (Input.source_content (Syntax.read_input str))
2525val (_,ctxt') = Proof_Context.add_fixes (map (fn (str,_) => (Binding.make (unsource str, Position.none), NONE, Mixfix.NoSyn)) raw_bounds) ctxt'
2526val _ = (map (fn (x,_) => Syntax.check_term ctxt (AOT_read_term @{nonterminal τ'} ctxt' x))) raw_bounds
2527val _ = AOT_read_term @{nonterminal φ'} ctxt' raw_p
2528val _ = AOT_read_term @{nonterminal φ'} ctxt' raw_q
2529
2530in
2531resolve_tac ctxt [getSubstThm ctxt (case reversed of SOME x => true | _ => false) phi p q] 1
2532THEN simp_tac (ctxt addsimps [@{thm AOT_subst_cond_𝗈_def}, @{thm AOT_subst_cond_fun_def}]) 1
2533THEN (REPEAT (resolve_tac ctxt [@{thm allI}] 1))
2534THEN (TRY (resolve_tac ctxt thms 1))
2535end
2536) ctxt 1))))
2537
2538
2539method_setup AOT_subst_def = 2540Scan.option (Scan.lift (Args.parens (Args.$$$ "reverse"))) --
2541Attrib.thm
2542>> (fn (reversed,fact) => (fn ctxt =>
2543(Method.SIMPLE_METHOD (Subgoal.FOCUS (fn {context = ctxt, params = _, prems = prems, asms = asms, concl = concl, schematics = _} =>
2544let
2545val c = Thm.concl_of fact
2546val (lhs, rhs) = case c of (const‹Trueprop› $ (const‹AOT_model_equiv_def› $ lhs $ rhs)) => (lhs, rhs)
2547  | _ => raise Fail "Definition expected."
2548val substCond = HOLogic.mk_Trueprop (Const (const_name‹AOT_subst_cond›, dummyT) $ lhs $ rhs)
2549val substCond = Syntax.check_term (Proof_Context.set_mode Proof_Context.mode_schematic ctxt) substCond
2550val substCondThm = Goal.prove ctxt [] [] substCond (fn {context=ctxt, prems=prems} =>
2551      (SUBGOAL (fn (trm,int) =>
2552        auto_tac (ctxt addsimps [@{thm AOT_subst_cond_𝗈_def}, @{thm AOT_subst_cond_fun_def}, fact RS @{thm "≡Df"}])) 1))
2553val substThm = substCondThm RSN (2,@{thm AOT_subst})
2554in
2555resolve_tac ctxt [substThm RS (case reversed of NONE => @{thm "≡E"(2)} | _ => @{thm "≡E"(1)})] 1
2556THEN prove_AOT_subst_tac ctxt
2557THEN (TRY (resolve_tac ctxt prems 1))
2558end
2559) ctxt 1))))
2560
2561
2562method_setup AOT_subst_thm = 2563Scan.option (Scan.lift (Args.parens (Args.$$$ "reverse"))) --
2564Attrib.thm
2565>> (fn (reversed,fact) => (fn ctxt =>
2566(Method.SIMPLE_METHOD (Subgoal.FOCUS (fn {context = ctxt, params = _, prems = prems, asms = asms, concl = concl, schematics = _} =>
2567let
2568val c = Thm.concl_of fact
2569val (lhs, rhs) = case c of (const‹Trueprop› $ (const‹AOT_model_valid_in› $ _ $ (const‹AOT_equiv› $ lhs $ rhs))) => (lhs, rhs)
2570  | _ => raise Fail "Equivalence expected."
2571
2572val substCond = HOLogic.mk_Trueprop (Const (const_name‹AOT_subst_cond›, dummyT) $ lhs $ rhs)
2573val substCond = Syntax.check_term (Proof_Context.set_mode Proof_Context.mode_schematic ctxt) substCond
2574val substCondThm = Goal.prove ctxt [] [] substCond (fn {context=ctxt, prems=prems} =>
2575      (SUBGOAL (fn (trm,int) => auto_tac (ctxt addsimps [@{thm AOT_subst_cond_𝗈_def}, @{thm AOT_subst_cond_fun_def}, fact])) 1))
2576val substThm = substCondThm RSN (2,@{thm AOT_subst})
2577in
2578resolve_tac ctxt [substThm RS (case reversed of NONE => @{thm "≡E"(2)} | _ => @{thm "≡E"(1)})] 1
2579THEN prove_AOT_subst_tac ctxt
2580THEN (TRY (resolve_tac ctxt prems 1))
2581end
2582) ctxt 1))))
2583
2584
2585AOT_theorem "rule-sub-remark:1[1]": assumes  A!x  ¬E!x and ¬A!x shows ¬¬E!x
2586  by (AOT_subst (reverse) ¬E!x A!x)
2587     (auto simp: assms) 
2588
2589AOT_theorem "rule-sub-remark:1[2]": assumes  A!x  ¬E!x and  ¬¬E!x shows ¬A!x
2590  by (AOT_subst A!x ¬E!x)
2591     (auto simp: assms)
2592
2593AOT_theorem "rule-sub-remark:2[1]":
2594  assumes  [R]xy  ([R]xy & ([Q]a  ¬[Q]a)) and p  [R]xy shows p  [R]xy & ([Q]a  ¬[Q]a)
2595  by (AOT_subst_thm (reverse) assms(1)) (simp add: assms(2))
2596
2597AOT_theorem "rule-sub-remark:2[2]":
2598  assumes  [R]xy  ([R]xy & ([Q]a  ¬[Q]a)) and p  [R]xy & ([Q]a  ¬[Q]a) shows p  [R]xy
2599  by (AOT_subst_thm assms(1)) (simp add: assms(2))
2600
2601AOT_theorem "rule-sub-remark:3[1]":
2602  assumes for arbitrary x:  A!x  ¬E!x
2603      and x A!x
2604    shows x ¬E!x
2605  by (AOT_subst (reverse) ¬E!x A!x for: x)
2606     (auto simp: assms)
2607
2608AOT_theorem "rule-sub-remark:3[2]":
2609  assumes for arbitrary x:  A!x  ¬E!x
2610      and x ¬E!x
2611    shows x A!x
2612  by (AOT_subst A!x ¬E!x for: x)
2613     (auto simp: assms)
2614
2615AOT_theorem "rule-sub-remark:4[1]":
2616  assumes  ¬¬[P]x  [P]x and 𝒜¬¬[P]x shows 𝒜[P]x
2617  by (AOT_subst_thm (reverse) assms(1)) (simp add: assms(2))
2618
2619AOT_theorem "rule-sub-remark:4[2]":
2620  assumes  ¬¬[P]x  [P]x and 𝒜[P]x shows 𝒜¬¬[P]x
2621  by (AOT_subst_thm assms(1)) (simp add: assms(2))
2622
2623AOT_theorem "rule-sub-remark:5[1]":
2624  assumes  (φ  ψ)  (¬ψ  ¬φ) and (φ  ψ) shows (¬ψ  ¬φ)
2625  by (AOT_subst_thm (reverse) assms(1)) (simp add: assms(2))
2626
2627AOT_theorem "rule-sub-remark:5[2]":
2628  assumes  (φ  ψ)  (¬ψ  ¬φ) and (¬ψ  ¬φ) shows (φ  ψ) 
2629  by (AOT_subst_thm assms(1)) (simp add: assms(2))
2630
2631AOT_theorem "rule-sub-remark:6[1]":
2632  assumes  ψ  χ and (φ  ψ) shows (φ  χ) 
2633  by (AOT_subst_thm (reverse) assms(1)) (simp add: assms(2))
2634
2635AOT_theorem "rule-sub-remark:6[2]":
2636  assumes  ψ  χ and (φ  χ) shows (φ  ψ)
2637  by (AOT_subst_thm assms(1)) (simp add: assms(2))
2638
2639AOT_theorem "rule-sub-remark:7[1]":
2640  assumes  φ  ¬¬φ and (φ  φ) shows (¬¬φ  φ) 
2641  by (AOT_subst_thm (reverse) assms(1)) (simp add: assms(2))
2642
2643AOT_theorem "rule-sub-remark:7[2]":
2644  assumes  φ  ¬¬φ and (¬¬φ  φ) shows  (φ  φ)
2645  by (AOT_subst_thm assms(1)) (simp add: assms(2))
2646
2647AOT_theorem "KBasic2:1": ¬φ  ¬φ
2648  by (meson "conventions:5" "contraposition:2" "Hypothetical Syllogism" "df-rules-formulas[3]"
2649            "df-rules-formulas[4]" "≡I" "useful-tautologies:1")
2650
2651AOT_theorem "KBasic2:2": (φ  ψ)  (φ  ψ)
2652proof -
2653  AOT_have (φ  ψ)  ¬(¬φ & ¬ψ)
2654    by (simp add: "RE◇" "oth-class-taut:5:b")
2655  also AOT_have   ¬(¬φ & ¬ψ)
2656    using "KBasic:11" "≡E"(6) "oth-class-taut:3:a" by blast
2657  also AOT_have   ¬(¬φ & ¬ψ)
2658    using "KBasic:3" "≡E"(1) "oth-class-taut:4:b" by blast
2659  also AOT_have   ¬(¬φ & ¬ψ)
2660    using "KBasic2:1"
2661    by (AOT_subst ¬φ ¬φ; AOT_subst ¬ψ ¬ψ; auto simp: "oth-class-taut:3:a")
2662  also AOT_have   ¬¬(φ  ψ)
2663    using "≡E"(6) "oth-class-taut:3:b" "oth-class-taut:5:b" by blast
2664  also AOT_have   φ  ψ
2665    by (simp add: "≡I" "useful-tautologies:1" "useful-tautologies:2")
2666  finally show ?thesis .
2667qed
2668
2669AOT_theorem "KBasic2:3": (φ & ψ)  (φ & ψ)
2670  by (metis "RM◇" "&I" "Conjunction Simplification"(1) "Conjunction Simplification"(2) "deduction-theorem" "modus-tollens:1" "reductio-aa:1")
2671
2672AOT_theorem "KBasic2:4": (φ  ψ)  (φ  ψ)
2673proof -
2674  AOT_have (φ  ψ)  (¬φ  ψ)
2675    by (AOT_subst φ  ψ ¬φ  ψ)
2676       (auto simp: "oth-class-taut:1:c" "oth-class-taut:3:a")
2677  also AOT_have ...  ¬φ  ψ
2678    by (simp add: "KBasic2:2")
2679  also AOT_have ...  ¬φ  ψ
2680    by (AOT_subst ¬φ ¬φ)
2681       (auto simp: "KBasic:11" "oth-class-taut:3:a")
2682  also AOT_have ...  φ  ψ
2683    using "≡E"(6) "oth-class-taut:1:c" "oth-class-taut:3:a" by blast
2684  finally show ?thesis .
2685qed
2686
2687AOT_theorem "KBasic2:5": φ  ¬¬φ
2688  using "conventions:5"[THEN "≡Df"]
2689  by (AOT_subst φ ¬¬φ; AOT_subst ¬¬φ ¬¬¬¬φ; AOT_subst (reverse) ¬¬¬φ ¬φ)
2690     (auto simp: "oth-class-taut:3:b" "oth-class-taut:3:a")
2691
2692
2693AOT_theorem "KBasic2:6": (φ  ψ)  (φ  ψ)
2694proof(rule "→I"; rule "raa-cor:1")
2695  AOT_assume (φ  ψ)
2696  AOT_hence (¬φ  ψ)
2697    using "conventions:2"[THEN "≡Df"]
2698    by (AOT_subst (reverse) ¬φ  ψ φ  ψ) simp
2699  AOT_hence 1: ¬φ  ψ using "KBasic:13" "vdash-properties:10" by blast
2700  AOT_assume ¬(φ  ψ)
2701  AOT_hence ¬φ and ¬ψ using "&E" "≡E"(1) "oth-class-taut:5:d" by blast+
2702  AOT_thus ψ & ¬ψ using "&I"(1) 1[THEN "→E"] "KBasic:11" "≡E"(4) "raa-cor:3" by blast
2703qed
2704
2705AOT_theorem "KBasic2:7": ((φ  ψ) & ¬φ)  ψ
2706proof(rule "→I"; frule "&E"(1); drule "&E"(2))
2707  AOT_assume (φ  ψ)
2708  AOT_hence 1: φ  ψ
2709    using "KBasic2:6" "∨I"(2) "∨E"(1) by blast
2710  AOT_assume ¬φ
2711  AOT_hence ¬φ using "KBasic:11" "≡E"(2) by blast
2712  AOT_thus ψ using 1 "∨E"(2) by blast
2713qed
2714
2715AOT_theorem "T-S5-fund:1": φ  φ
2716  by (meson "≡dfI" "conventions:5" "contraposition:2" "Hypothetical Syllogism" "deduction-theorem" "qml:2"[axiom_inst])
2717lemmas "T◇" = "T-S5-fund:1"
2718
2719AOT_theorem "T-S5-fund:2": φ  φ
2720proof(rule "→I")
2721  AOT_assume φ
2722  AOT_hence ¬¬φ
2723    using "KBasic:14" "≡E"(4) "raa-cor:3" by blast
2724  moreover AOT_have ¬φ  ¬φ
2725    by (fact "qml:3"[axiom_inst])
2726  ultimately AOT_have ¬¬φ
2727    using "modus-tollens:1" by blast
2728  AOT_thus φ using "KBasic:12" "≡E"(2) by blast
2729qed
2730lemmas "5◇" = "T-S5-fund:2"
2731
2732(* Also interestingly none of these have proofs in PLM. *)
2733AOT_theorem "Act-Sub:1": 𝒜φ  ¬𝒜¬φ
2734  by (AOT_subst 𝒜¬φ ¬𝒜φ)
2735     (auto simp: "logic-actual-nec:1"[axiom_inst] "oth-class-taut:3:b")
2736
2737AOT_theorem "Act-Sub:2": φ  𝒜φ
2738  using "conventions:5"[THEN "≡Df"]
2739  by (AOT_subst φ ¬¬φ)
2740     (metis "deduction-theorem" "≡I" "≡E"(1) "≡E"(2) "≡E"(3)
2741            "logic-actual-nec:1"[axiom_inst] "qml-act:2"[axiom_inst])
2742
2743AOT_theorem "Act-Sub:3": 𝒜φ  φ
2744  using "conventions:5"[THEN "≡Df"]
2745  by (AOT_subst φ ¬¬φ)
2746     (metis "Act-Sub:1" "deduction-theorem" "≡E"(4) "nec-imp-act" "reductio-aa:2" "→E")
2747
2748
2749AOT_theorem "Act-Sub:4": 𝒜φ  𝒜φ
2750proof (rule "≡I"; rule "→I")
2751  AOT_assume 𝒜φ
2752  AOT_thus 𝒜φ using "T◇" "vdash-properties:10" by blast
2753next
2754  AOT_assume 𝒜φ
2755  AOT_hence ¬¬𝒜φ
2756    using "≡dfE" "conventions:5" by blast
2757  AOT_hence ¬𝒜¬φ
2758    by (AOT_subst 𝒜¬φ ¬𝒜φ)
2759       (simp add: "logic-actual-nec:1"[axiom_inst])
2760  AOT_thus 𝒜φ
2761      using "Act-Basic:1" "Act-Basic:6" "∨E"(3) "≡E"(4) "reductio-aa:1" by blast
2762qed
2763
2764AOT_theorem "Act-Sub:5": 𝒜φ  𝒜φ
2765  by (metis "Act-Sub:2" "Act-Sub:3" "Act-Sub:4" "deduction-theorem" "≡E"(1) "≡E"(2) "vdash-properties:6")
2766
2767AOT_theorem "S5Basic:1": φ  φ
2768  by (simp add: "≡I" "qml:2" "qml:3" "vdash-properties:1[2]")
2769
2770AOT_theorem "S5Basic:2": φ  φ
2771  by (simp add: "T◇" "5◇" "≡I")
2772
2773AOT_theorem "S5Basic:3": φ  φ
2774  using "T◇" "Hypothetical Syllogism" "qml:3" "vdash-properties:1[2]" by blast
2775lemmas "B" = "S5Basic:3"
2776
2777AOT_theorem "S5Basic:4": φ  φ
2778  using "5◇" "Hypothetical Syllogism" "qml:2" "vdash-properties:1[2]" by blast
2779lemmas "B◇" = "S5Basic:4"
2780
2781AOT_theorem "S5Basic:5": φ  φ
2782  using "RM:1" "B" "5◇" "Hypothetical Syllogism" by blast
2783lemmas "4" = "S5Basic:5"
2784
2785AOT_theorem "S5Basic:6": φ  φ
2786  by (simp add: "4" "≡I" "qml:2"[axiom_inst])
2787
2788AOT_theorem "S5Basic:7": φ  φ
2789  using "conventions:5"[THEN "≡Df"] "oth-class-taut:3:b"
2790  by (AOT_subst φ ¬¬φ;
2791      AOT_subst φ ¬¬φ;
2792      AOT_subst (reverse) ¬¬¬φ ¬φ;
2793      AOT_subst (reverse) ¬φ ¬φ)
2794     (auto simp: "S5Basic:6" "if-p-then-p")
2795
2796lemmas "4◇" = "S5Basic:7"
2797
2798AOT_theorem "S5Basic:8": φ  φ
2799  by (simp add: "4◇" "T◇" "≡I")
2800
2801AOT_theorem "S5Basic:9": (φ  ψ)  (φ  ψ)
2802  apply (rule "≡I"; rule "→I")
2803  using "KBasic2:6" "5◇" "∨I"(3) "if-p-then-p" "vdash-properties:10" apply blast
2804  by (meson "KBasic:15" "4" "∨I"(3) "∨E"(1) "Disjunction Addition"(1) "con-dis-taut:7"
2805            "intro-elim:1" "Commutativity of ∨")
2806
2807AOT_theorem "S5Basic:10": (φ  ψ)  (φ  ψ)
2808(* Note: nicely this proof is entirely sledgehammer generated *)
2809proof(rule "≡I"; rule "→I")
2810  AOT_assume (φ  ψ)
2811  AOT_hence φ  ψ
2812    by (meson "KBasic2:6" "∨I"(2) "∨E"(1))
2813  AOT_thus φ  ψ
2814    by (meson "B◇" "4" "4◇" "T◇" "∨I"(3))
2815next
2816  AOT_assume φ  ψ
2817  AOT_hence φ  ψ
2818    by (meson "S5Basic:1" "B◇" "S5Basic:6" "T◇" "5◇" "∨I"(3) "intro-elim:1")
2819  AOT_thus (φ  ψ)
2820    by (meson "KBasic:15" "∨I"(3) "∨E"(1) "Disjunction Addition"(1) "Disjunction Addition"(2))
2821qed
2822
2823AOT_theorem "S5Basic:11": (φ & ψ)  (φ & ψ)
2824proof -
2825  AOT_have (φ & ψ)  ¬(¬φ  ¬ψ)
2826    by (AOT_subst φ & ψ ¬(¬φ  ¬ψ))
2827       (auto simp: "oth-class-taut:5:a" "oth-class-taut:3:a")
2828  also AOT_have   ¬(¬φ  ¬ψ)
2829    by (AOT_subst ¬ψ ¬ψ)
2830       (auto simp: "KBasic2:1" "oth-class-taut:3:a")
2831  also AOT_have   ¬(¬φ  ¬ψ)
2832    using "KBasic:11" "≡E"(6) "oth-class-taut:3:a" by blast
2833  also AOT_have   ¬(¬φ  ¬ψ)
2834    using "S5Basic:9" "≡E"(1) "oth-class-taut:4:b" by blast
2835  also AOT_have   ¬(¬φ  ¬ψ)
2836    using "KBasic2:1"
2837    by (AOT_subst ¬φ ¬φ; AOT_subst ¬ψ ¬ψ)
2838       (auto simp:  "oth-class-taut:3:a")
2839  also AOT_have   φ & ψ
2840    using "≡E"(6) "oth-class-taut:3:a" "oth-class-taut:5:a" by blast
2841  finally show ?thesis .
2842qed
2843
2844AOT_theorem "S5Basic:12": (φ & ψ)  (φ & ψ)
2845proof (rule "≡I"; rule "→I")
2846  AOT_assume (φ & ψ)
2847  AOT_hence φ & ψ
2848    using "KBasic2:3" "vdash-properties:6" by blast
2849  AOT_thus φ & ψ
2850    using "5◇" "&I" "&E"(1) "&E"(2) "vdash-properties:6" by blast
2851next
2852  AOT_assume φ & ψ
2853  moreover AOT_have (ψ & φ)  (φ & ψ)
2854    by (AOT_subst φ & ψ ψ & φ)
2855       (auto simp: "Commutativity of &" "KBasic:16")
2856  ultimately AOT_show (φ & ψ)
2857    by (metis "4" "&I" "Conjunction Simplification"(1) "Conjunction Simplification"(2) "vdash-properties:6")
2858qed
2859
2860
2861AOT_theorem "S5Basic:13": (φ  ψ)  (φ  ψ)
2862proof (rule "≡I")
2863  AOT_modally_strict {
2864    AOT_have (φ  ψ)  (φ  ψ)
2865      by (meson "KBasic:13" "B◇" "Hypothetical Syllogism" "deduction-theorem")
2866  }
2867  AOT_hence (φ  ψ)  (φ  ψ)
2868    by (rule RM)
2869  AOT_thus  (φ  ψ)  (φ  ψ)
2870    using "4" "Hypothetical Syllogism" by blast
2871next
2872  AOT_modally_strict {
2873    AOT_have (φ  ψ)  (φ  ψ)
2874      by (meson "B" "Hypothetical Syllogism" "deduction-theorem" "qml:1" "vdash-properties:1[2]")
2875  }
2876  AOT_hence  (φ  ψ)  (φ  ψ)
2877    by (rule RM)
2878  AOT_thus (φ  ψ)  (φ  ψ)
2879    using "4" "Hypothetical Syllogism" by blast
2880qed
2881
2882AOT_theorem "derived-S5-rules:1":
2883  assumes Γ  φ  ψ shows Γ  φ  ψ
2884proof -
2885  AOT_have Γ  φ  ψ
2886    using assms by (rule "RM:1[prem]")
2887  AOT_thus Γ  φ  ψ
2888    using "B" "Hypothetical Syllogism" by blast
2889qed
2890
2891AOT_theorem "derived-S5-rules:2":
2892  assumes Γ  φ  ψ shows Γ  φ  ψ
2893proof -
2894  AOT_have Γ  φ  ψ
2895    using assms by (rule "RM:2[prem]")
2896  AOT_thus Γ  φ  ψ
2897    using "B◇" "Hypothetical Syllogism" by blast
2898qed
2899
2900AOT_theorem "BFs:1": α φ{α}  α φ{α}
2901proof -
2902  AOT_modally_strict {
2903    AOT_modally_strict {
2904      AOT_have α φ{α}  φ{α} for α by (fact AOT)
2905    }
2906    AOT_hence α φ{α}  φ{α} for α by (rule "RM◇")
2907    AOT_hence α φ{α}  α φ{α}
2908      using "B◇" "∀I" "→E" "→I" by metis
2909  }
2910  thus ?thesis using "derived-S5-rules:1" by blast
2911qed
2912lemmas "BF" = "BFs:1"
2913
2914AOT_theorem "BFs:2": α φ{α}  α φ{α}
2915proof -
2916  AOT_have α φ{α}  φ{α} for α using RM "cqt-orig:3" by metis
2917  thus ?thesis using  "cqt-orig:2"[THEN "→E"] "∀I" by metis
2918qed
2919lemmas "CBF" = "BFs:2"
2920
2921AOT_theorem "BFs:3": α φ{α}  α φ{α}
2922proof(rule "→I")
2923  AOT_modally_strict {
2924    AOT_have α ¬φ{α}  α ¬φ{α}
2925      using BF CBF "≡I" by blast
2926  } note θ = this
2927
2928  AOT_assume α φ{α}
2929  AOT_hence ¬¬(α φ{α})
2930    using "≡dfE" "conventions:5" by blast
2931  AOT_hence ¬α ¬φ{α}
2932    apply (AOT_subst α ¬φ{α} ¬(α φ{α}))
2933    using "≡dfI" "conventions:3" "conventions:4" "&I" "contraposition:2" "cqt-further:4"
2934          "df-rules-formulas[1]" "vdash-properties:1[2]" by blast
2935  AOT_hence ¬α ¬φ{α}
2936    apply (AOT_subst (reverse) α ¬φ{α} α ¬φ{α})
2937    using θ by blast
2938  AOT_hence ¬α ¬¬¬φ{α}
2939    by (AOT_subst (reverse) ¬¬¬φ{α} ¬φ{α} for: α)
2940       (simp add: "oth-class-taut:3:b")
2941  AOT_hence α ¬¬φ{α}
2942    by (rule "conventions:4"[THEN "≡dfI"])
2943  AOT_thus α φ{α}
2944    using "conventions:5"[THEN "≡Df"]
2945    by (AOT_subst φ{α} ¬¬φ{α} for: α)
2946qed
2947lemmas "BF◇" = "BFs:3"
2948
2949AOT_theorem "BFs:4": α φ{α}  α φ{α}
2950proof(rule "→I")
2951  AOT_assume α φ{α}
2952  AOT_hence ¬α ¬φ{α}
2953    using "conventions:4"[THEN "≡dfE"] by blast
2954  AOT_hence ¬α ¬φ{α}
2955    using "KBasic2:1"
2956    by (AOT_subst ¬φ{α} ¬φ{α} for: α)
2957  moreover AOT_have α ¬φ{α}  α ¬φ{α}
2958    using "≡I" "BF" "CBF" by metis
2959  ultimately AOT_have 1: ¬α ¬φ{α}
2960    using "≡E"(3) by blast
2961  AOT_show α φ{α}
2962    apply (rule "conventions:5"[THEN "≡dfI"])
2963    apply (AOT_subst α φ{α} ¬α ¬φ{α})
2964     apply (simp add: "conventions:4" "≡Df")
2965    apply (AOT_subst ¬¬α ¬φ{α} α ¬φ{α})
2966    by (auto simp: 1 "≡I" "useful-tautologies:1" "useful-tautologies:2")
2967qed
2968lemmas "CBF◇" = "BFs:4"
2969
2970AOT_theorem "sign-S5-thm:1": α φ{α}  α φ{α}
2971proof(rule "→I")
2972  AOT_assume α φ{α}
2973  then AOT_obtain α where φ{α} using "∃E" by metis
2974  moreover AOT_have α
2975    by (simp add: "ex:1:a" "rule-ui:2[const_var]" RN)
2976  moreover AOT_have φ{τ}, τ  α φ{α} for τ
2977  proof -
2978    AOT_have φ{τ}, τ  α φ{α} using "existential:1" by blast
2979    AOT_thus φ{τ}, τ  α φ{α}
2980      using "RN[prem]"[where Γ="{φ τ, «τ»}", simplified] by blast
2981  qed
2982  ultimately AOT_show α φ{α} by blast
2983qed
2984lemmas Buridan = "sign-S5-thm:1"
2985
2986AOT_theorem "sign-S5-thm:2": α φ{α}  α φ{α}
2987proof -
2988  AOT_have α (α φ{α}  φ{α})
2989    by (simp add: "RM◇" "cqt-orig:3" "∀I")
2990  AOT_thus α φ{α}  α φ{α}
2991    using "∀E"(4) "∀I" "→E" "→I" by metis
2992qed
2993lemmas "Buridan◇" = "sign-S5-thm:2"
2994
2995AOT_theorem "sign-S5-thm:3": α (φ{α} & ψ{α})  (α φ{α} & α ψ{α})
2996  apply (rule "RM:2")
2997  by (metis (no_types, lifting) "instantiation" "&I" "&E"(1)
2998                                "&E"(2) "deduction-theorem" "existential:2[const_var]")
2999
3000AOT_theorem "sign-S5-thm:4": α (φ{α} & ψ{α})  α φ{α}
3001  apply (rule "RM:2")
3002  by (meson "instantiation" "&E"(1) "deduction-theorem" "existential:2[const_var]")
3003
3004AOT_theorem "sign-S5-thm:5": (α (φ{α}  ψ{α}) & α (ψ{α}  χ{α}))  α (φ{α}  χ{α})
3005proof -
3006  {
3007    fix φ' ψ' χ'
3008    AOT_assume  φ' & ψ'  χ'
3009    AOT_hence φ' & ψ'  χ'
3010      using "RN[prem]"[where Γ="{φ', ψ'}"] apply simp
3011      using "&E" "&I" "→E" "→I" by metis
3012  } note R = this
3013  show ?thesis by (rule R; fact AOT)
3014qed
3015
3016AOT_theorem "sign-S5-thm:6": (α (φ{α}  ψ{α}) & α(ψ{α}  χ{α}))  α(φ{α}  χ{α})
3017proof -
3018  {
3019    fix φ' ψ' χ'
3020    AOT_assume  φ' & ψ'  χ'
3021    AOT_hence φ' & ψ'  χ'
3022      using "RN[prem]"[where Γ="{φ', ψ'}"] apply simp
3023      using "&E" "&I" "→E" "→I" by metis
3024  } note R = this
3025  show ?thesis by (rule R; fact AOT)
3026qed
3027
3028AOT_theorem "exist-nec2:1": τ  τ
3029  using "B◇" "RM◇" "Hypothetical Syllogism" "exist-nec" by blast
3030
3031AOT_theorem "exists-nec2:2": τ  τ
3032  by (meson "Act-Sub:3" "Hypothetical Syllogism" "exist-nec" "exist-nec2:1" "≡I" "nec-imp-act")
3033
3034AOT_theorem "exists-nec2:3": ¬τ  ¬τ
3035  using "KBasic2:1" "deduction-theorem" "exist-nec2:1" "≡E"(2) "modus-tollens:1" by blast
3036
3037AOT_theorem "exists-nec2:4": ¬τ  ¬τ
3038  by (metis "Act-Sub:3" "KBasic:12" "deduction-theorem" "exist-nec" "exists-nec2:3" "≡I" "≡E"(4) "nec-imp-act" "reductio-aa:1")
3039
3040AOT_theorem "id-nec2:1": α = β  α = β
3041  using "B◇" "RM◇" "Hypothetical Syllogism" "id-nec:1" by blast
3042
3043AOT_theorem "id-nec2:2": α  β  α  β
3044  apply (AOT_subst α  β ¬(α = β))
3045  using "=-infix"[THEN "≡Df"] apply blast
3046  using "KBasic2:1" "deduction-theorem" "id-nec2:1" "≡E"(2) "modus-tollens:1" by blast
3047
3048AOT_theorem "id-nec2:3": α  β  α  β
3049  apply (AOT_subst α  β ¬(α = β))
3050  using "=-infix"[THEN "≡Df"] apply blast
3051  by (metis "KBasic:11" "deduction-theorem" "id-nec:2" "≡E"(3) "reductio-aa:2" "vdash-properties:6")
3052
3053AOT_theorem "id-nec2:4": α = β  α = β
3054  using "Hypothetical Syllogism" "id-nec2:1" "id-nec:1" by blast
3055
3056AOT_theorem "id-nec2:5": α  β  α  β
3057  using "id-nec2:3" "id-nec2:2" "→I" "→E" by metis
3058
3059AOT_theorem "sc-eq-box-box:1": (φ  φ)  (φ  φ)
3060  apply (rule "≡I"; rule "→I")
3061  using "KBasic:13" "5◇" "Hypothetical Syllogism" "vdash-properties:10" apply blast
3062  by (metis "KBasic2:1" "KBasic:1" "KBasic:2" "S5Basic:13" "≡E"(2) "raa-cor:5" "vdash-properties:6")
3063
3064AOT_theorem "sc-eq-box-box:2": ((φ  φ)  (φ  φ))  (φ  φ)
3065  by (metis "Act-Sub:3" "KBasic:13" "5◇" "∨E"(2) "deduction-theorem" "≡I" "nec-imp-act" "raa-cor:2" "vdash-properties:10")
3066
3067AOT_theorem "sc-eq-box-box:3": (φ  φ)  (¬φ  ¬φ)
3068proof (rule "→I"; rule "≡I"; rule "→I")
3069  AOT_assume (φ  φ)
3070  AOT_hence φ  φ using "sc-eq-box-box:1" "≡E" by blast
3071  moreover AOT_assume ¬φ
3072  ultimately AOT_have ¬φ
3073    using "modus-tollens:1" by blast
3074  AOT_thus ¬φ
3075    using "KBasic2:1" "≡E"(2) by blast
3076next
3077  AOT_assume (φ  φ)
3078  moreover AOT_assume ¬φ
3079  ultimately AOT_show ¬φ
3080    using "modus-tollens:1" "qml:2" "vdash-properties:10" "vdash-properties:1[2]" by blast
3081qed
3082
3083AOT_theorem "sc-eq-box-box:4": ((φ  φ) & (ψ  ψ))  ((φ  ψ)  (φ  ψ))
3084proof(rule "→I"; rule "→I")
3085  AOT_assume θ: (φ  φ) & (ψ  ψ)
3086  AOT_assume ξ: φ  ψ
3087  AOT_hence (φ & ψ)  (¬φ & ¬ψ)
3088    using "≡E"(4) "oth-class-taut:4:g" "raa-cor:3" by blast
3089  moreover {
3090    AOT_assume φ & ψ
3091    AOT_hence (φ  ψ)
3092      using "KBasic:3" "KBasic:8" "≡E"(2) "vdash-properties:10" by blast
3093  }
3094  moreover {
3095    AOT_assume ¬φ & ¬ψ
3096    moreover AOT_have ¬φ  ¬φ and ¬ψ  ¬ψ
3097      using θ "Conjunction Simplification"(1) "Conjunction Simplification"(2) "sc-eq-box-box:3" "vdash-properties:10" by metis+
3098    ultimately AOT_have ¬φ & ¬ψ
3099      by (metis "&I" "Conjunction Simplification"(1) "Conjunction Simplification"(2) "≡E"(4) "modus-tollens:1" "raa-cor:3")
3100    AOT_hence (φ  ψ)
3101      using "KBasic:3" "KBasic:9" "≡E"(2) "vdash-properties:10" by blast
3102  }
3103  ultimately AOT_show (φ  ψ)
3104    using "∨E"(2) "reductio-aa:1" by blast
3105qed
3106
3107AOT_theorem "sc-eq-box-box:5": ((φ  φ) & (ψ  ψ))  ((φ  ψ)  (φ  ψ))
3108proof (rule "→I")
3109  AOT_assume ((φ  φ) & (ψ  ψ))
3110  AOT_hence ((φ  φ) & (ψ  ψ))
3111    using 4[THEN "→E"] "&E" "&I" "KBasic:3" "≡E"(2) by metis
3112  moreover AOT_have ((φ  φ) & (ψ  ψ))  ((φ  ψ)  (φ  ψ))
3113  proof (rule RM; rule "→I"; rule "→I")
3114    AOT_modally_strict {
3115      AOT_assume A: ((φ  φ) & (ψ  ψ))
3116      AOT_hence φ  φ and ψ  ψ
3117        using "&E" "qml:2"[axiom_inst] "→E" by blast+
3118      moreover AOT_assume φ  ψ
3119      ultimately AOT_have φ  ψ
3120        using "→E" "qml:2"[axiom_inst] "≡E" "≡I" by meson
3121      moreover AOT_have (φ  ψ)  (φ  ψ)
3122        using A "sc-eq-box-box:4" "→E" by blast
3123      ultimately AOT_show (φ  ψ) using "→E" by blast
3124    }
3125  qed
3126  ultimately AOT_show ((φ  ψ)  (φ  ψ)) using "→E" by blast
3127qed
3128
3129AOT_theorem "sc-eq-box-box:6": (φ  φ)  ((φ  ψ)  (φ  ψ))
3130proof (rule "→I"; rule "→I"; rule "raa-cor:1")
3131  AOT_assume ¬(φ  ψ)
3132  AOT_hence ¬(φ  ψ) by (metis "KBasic:11" "≡E"(1))
3133  AOT_hence (φ & ¬ψ)
3134    by (AOT_subst φ & ¬ψ ¬(φ  ψ))
3135       (meson "Commutativity of ≡" "≡E"(1) "oth-class-taut:1:b")
3136  AOT_hence φ and 2: ¬ψ using "KBasic2:3"[THEN "→E"] "&E" by blast+
3137  moreover AOT_assume (φ  φ)
3138  ultimately AOT_have φ by (metis "≡E"(1) "sc-eq-box-box:1" "→E")
3139  AOT_hence φ using "qml:2"[axiom_inst, THEN "→E"] by blast
3140  moreover AOT_assume φ  ψ
3141  ultimately AOT_have ψ using "→E" by blast
3142  moreover AOT_have ¬ψ using 2 "KBasic:12" "¬¬I" "intro-elim:3:d" by blast
3143  ultimately AOT_show ψ & ¬ψ using "&I" by blast
3144qed
3145
3146AOT_theorem "sc-eq-box-box:7": (φ  φ)  ((φ  𝒜ψ)  𝒜(φ  ψ))
3147proof (rule "→I"; rule "→I"; rule "raa-cor:1")
3148  AOT_assume ¬𝒜(φ  ψ)
3149  AOT_hence 𝒜¬(φ  ψ) by (metis "Act-Basic:1" "∨E"(2))
3150  AOT_hence 𝒜(φ & ¬ψ)
3151    by (AOT_subst φ & ¬ψ ¬(φ  ψ))
3152       (meson "Commutativity of ≡" "≡E"(1) "oth-class-taut:1:b")
3153  AOT_hence 𝒜φ and 2: 𝒜¬ψ using "Act-Basic:2"[THEN "≡E"(1)] "&E" by blast+
3154  AOT_hence φ by (metis "Act-Sub:3" "→E")
3155  moreover AOT_assume (φ  φ)
3156  ultimately AOT_have φ by (metis "≡E"(1) "sc-eq-box-box:1" "→E")
3157  AOT_hence φ using "qml:2"[axiom_inst, THEN "→E"] by blast
3158  moreover AOT_assume φ  𝒜ψ
3159  ultimately AOT_have 𝒜ψ using "→E" by blast
3160  moreover AOT_have ¬𝒜ψ using 2 by (meson "Act-Sub:1" "≡E"(4) "raa-cor:3")
3161  ultimately AOT_show 𝒜ψ & ¬𝒜ψ using "&I" by blast
3162qed
3163
3164AOT_theorem "sc-eq-fur:1": 𝒜φ  𝒜φ
3165  using "Act-Basic:6" "Act-Sub:4" "≡E"(6) by blast
3166
3167AOT_theorem "sc-eq-fur:2": (φ  φ)  (𝒜φ  φ)
3168  by (metis "B◇" "Act-Sub:3" "KBasic:13" "T◇" "Hypothetical Syllogism" "deduction-theorem" "≡I" "nec-imp-act")
3169
3170AOT_theorem "sc-eq-fur:3": x (φ{x}  φ{x})  (∃!x φ{x}  ιx φ{x})
3171proof (rule "→I"; rule "→I")
3172  AOT_assume x (φ{x}  φ{x})
3173  AOT_hence A: x (φ{x}  φ{x}) using CBF "→E" by blast
3174  AOT_assume ∃!x φ{x}
3175  then AOT_obtain a where a_def: φ{a} & y (φ{y}  y = a)
3176    using "∃E"[rotated 1, OF "uniqueness:1"[THEN "≡dfE"]] by blast
3177  moreover AOT_have φ{a} using calculation A "∀E"(2) "qml:2"[axiom_inst] "→E" "&E"(1) by blast
3178  AOT_hence 𝒜φ{a} using "nec-imp-act" "vdash-properties:6" by blast
3179  moreover AOT_have y (𝒜φ{y}  y = a)
3180  proof (rule "∀I"; rule "→I")
3181    fix b
3182    AOT_assume 𝒜φ{b}
3183    AOT_hence φ{b}
3184      using "Act-Sub:3" "vdash-properties:6" by blast
3185    moreover {
3186      AOT_have (φ{b}  φ{b})
3187        using A "∀E"(2) by blast
3188      AOT_hence φ{b}  φ{b}
3189        using "KBasic:13" "5◇" "Hypothetical Syllogism" "vdash-properties:6" by blast
3190    }
3191    ultimately AOT_have φ{b} using "→E" by blast
3192    AOT_hence φ{b} using "qml:2"[axiom_inst] "→E" by blast
3193    AOT_thus b = a
3194      using a_def[THEN "&E"(2)] "∀E"(2) "→E" by blast
3195  qed
3196  ultimately AOT_have 𝒜φ{a} & y (𝒜φ{y}  y = a)
3197    using "&I" by blast
3198  AOT_hence x (𝒜φ{x} & y (𝒜φ{y}  y = x)) using "∃I" by fast
3199  AOT_hence ∃!x 𝒜φ{x} using "uniqueness:1"[THEN "≡dfI"] by fast
3200  AOT_thus ιx φ{x}
3201    using "actual-desc:1"[THEN "≡E"(2)] by blast
3202qed
3203
3204AOT_theorem "sc-eq-fur:4": x (φ{x}  φ{x})  (x = ιx φ{x}  (φ{x} & z (φ{z}  z = x)))
3205proof (rule "→I")
3206  AOT_assume x (φ{x}  φ{x})
3207  AOT_hence x (φ{x}  φ{x}) using CBF "→E" by blast
3208  AOT_hence A: 𝒜φ{α}  φ{α} for α using "sc-eq-fur:2" "∀E" "→E" by fast
3209  AOT_show x = ιx φ{x}  (φ{x} & z (φ{z}  z = x))
3210  proof (rule "≡I"; rule "→I")
3211    AOT_assume x = ιx φ{x}
3212    AOT_hence B: 𝒜φ{x} & z (𝒜φ{z}  z = x)
3213      using "nec-hintikka-scheme"[THEN "≡E"(1)] by blast
3214    AOT_show φ{x} & z (φ{z}  z = x)
3215    proof (rule "&I"; (rule "∀I"; rule "→I")?)
3216      AOT_show φ{x} using A B[THEN "&E"(1)] "≡E"(1) by blast
3217    next
3218      AOT_show z = x if φ{z} for z
3219        using that B[THEN "&E"(2)] "∀E"(2) "→E" A[THEN "≡E"(2)] by blast
3220    qed
3221  next
3222    AOT_assume B: φ{x} & z (φ{z}  z = x)
3223    AOT_have 𝒜φ{x} & z (𝒜φ{z}  z = x)
3224    proof(rule "&I"; (rule "∀I"; rule "→I")?)
3225      AOT_show 𝒜φ{x} using B[THEN "&E"(1)] A[THEN "≡E"(2)] by blast
3226    next
3227      AOT_show b = x if 𝒜φ{b} for b
3228        using that A[THEN "≡E"(1)] B[THEN "&E"(2), THEN "∀E"(2), THEN "→E"] by blast
3229    qed
3230    AOT_thus x = ιx φ{x}
3231      using "nec-hintikka-scheme"[THEN "≡E"(2)] by blast
3232  qed
3233qed
3234
3235AOT_theorem "id-act:1": α = β  𝒜α = β
3236  by (meson "Act-Sub:3" "Hypothetical Syllogism" "id-nec2:1" "id-nec:2" "≡I" "nec-imp-act")
3237
3238AOT_theorem "id-act:2": α  β  𝒜α  β
3239proof (AOT_subst α  β ¬(α = β))
3240  AOT_modally_strict {
3241    AOT_show α  β  ¬(α = β)
3242      by (simp add: "=-infix" "≡Df")
3243  }
3244next
3245  AOT_show ¬(α = β)  𝒜¬(α = β)
3246  proof (safe intro!: "≡I" "→I")
3247    AOT_assume ¬α = β
3248    AOT_hence ¬𝒜α = β using "id-act:1" "≡E"(3) by blast
3249    AOT_thus 𝒜¬α = β
3250      using "¬¬E" "Act-Sub:1" "≡E"(3) by blast
3251  next
3252    AOT_assume 𝒜¬α = β
3253    AOT_hence ¬𝒜α = β
3254      using "¬¬I" "Act-Sub:1" "≡E"(4) by blast
3255    AOT_thus ¬α = β
3256      using "id-act:1" "≡E"(4) by blast
3257  qed
3258qed
3259
3260AOT_theorem "A-Exists:1": 𝒜∃!α φ{α}  ∃!α 𝒜φ{α}
3261proof -
3262  AOT_have 𝒜∃!α φ{α}  𝒜αβ (φ{β}  β = α)
3263    by (AOT_subst ∃!α φ{α} αβ (φ{β}  β = α))
3264       (auto simp add: "oth-class-taut:3:a" "uniqueness:2")
3265  also AOT_have   α 𝒜β (φ{β}  β = α)
3266    by (simp add: "Act-Basic:10")
3267  also AOT_have   αβ 𝒜(φ{β}  β = α)
3268    by (AOT_subst 𝒜β (φ{β}  β = α) β 𝒜(φ{β}  β = α) for: α)
3269       (auto simp: "logic-actual-nec:3" "vdash-properties:1[2]" "oth-class-taut:3:a")
3270  also AOT_have   αβ (𝒜φ{β}  𝒜β = α)
3271    by (AOT_subst (reverse) 𝒜φ{β}  𝒜β = α  𝒜(φ{β}  β = α) for: α β :: 'a)
3272       (auto simp: "Act-Basic:5" "cqt-further:7")
3273  also AOT_have   αβ (𝒜φ{β}  β = α)
3274    by (AOT_subst (reverse) 𝒜β = α β = α for: α β :: 'a)
3275       (auto simp: "id-act:1" "cqt-further:7")
3276  also AOT_have ...  ∃!α 𝒜φ{α}
3277    using "uniqueness:2" "Commutativity of ≡"[THEN "≡E"(1)] by fast
3278  finally show ?thesis .
3279qed
3280
3281AOT_theorem "A-Exists:2": ιx φ{x}  𝒜∃!x φ{x}
3282  by (AOT_subst 𝒜∃!x φ{x} ∃!x 𝒜φ{x})
3283     (auto simp: "actual-desc:1" "A-Exists:1")
3284
3285AOT_theorem "id-act-desc:1": ιx (x = y)
3286proof(rule "existence:1"[THEN "≡dfI"]; rule "∃I")
3287  AOT_show x E!x  E!x]ιx (x = y)
3288  proof (rule "russell-axiom[exe,1].nec-russell-axiom"[THEN "≡E"(2)]; rule "∃I"; (rule "&I")+)
3289    AOT_show 𝒜y = y by (simp add: "RA[2]" "id-eq:1")
3290  next
3291    AOT_show z (𝒜z = y  z = y)
3292      apply (rule "∀I")
3293      using "id-act:1"[THEN "≡E"(2)] "→I" by blast
3294  next
3295    AOT_show x E!x  E!x]y
3296    proof (rule "lambda-predicates:2"[axiom_inst, THEN "→E", THEN "≡E"(2)])
3297      AOT_show x E!x  E!x]
3298        by "cqt:2[lambda]"
3299    next
3300      AOT_show E!y  E!y 
3301        by (simp add: "if-p-then-p")
3302    qed
3303  qed
3304next
3305  AOT_show x E!x  E!x]
3306    by "cqt:2[lambda]"
3307qed
3308
3309AOT_theorem "id-act-desc:2": y = ιx (x = y)
3310  by (rule descriptions[axiom_inst, THEN "≡E"(2)]; rule "∀I"; rule "id-act:1"[symmetric])
3311
3312AOT_theorem "pre-en-eq:1[1]": x1[F]  x1[F]
3313  by (simp add: encoding "vdash-properties:1[2]")
3314
3315AOT_theorem "pre-en-eq:1[2]": x1x2[F]  x1x2[F]
3316proof (rule "→I")
3317  AOT_assume x1x2[F]
3318  AOT_hence x1y [F]yx2] and x2y [F]x1y]
3319    using "nary-encoding[2]"[axiom_inst, THEN "≡E"(1)] "&E" by blast+
3320  moreover AOT_have y [F]yx2] by "cqt:2[lambda]"
3321  moreover AOT_have y [F]x1y] by "cqt:2[lambda]"
3322  ultimately AOT_have x1y [F]yx2] and x2y [F]x1y]
3323    using encoding[axiom_inst, unvarify F] "→E" "&I" by blast+
3324  note A = this
3325  AOT_hence (x1y [F]yx2] & x2y [F]x1y])
3326    using "KBasic:3"[THEN "≡E"(2)] "&I" by blast
3327  AOT_thus x1x2[F]
3328    by (rule "nary-encoding[2]"[axiom_inst, THEN RN, THEN "KBasic:6"[THEN "→E"], THEN "≡E"(2)])
3329qed
3330
3331AOT_theorem "pre-en-eq:1[3]": x1x2x3[F]  x1x2x3[F]
3332proof (rule "→I")
3333  AOT_assume x1x2x3[F]
3334  AOT_hence x1y [F]yx2x3] and x2y [F]x1yx3] and x3y [F]x1x2y]
3335    using "nary-encoding[3]"[axiom_inst, THEN "≡E"(1)] "&E" by blast+
3336  moreover AOT_have y [F]yx2x3] by "cqt:2[lambda]"
3337  moreover AOT_have y [F]x1yx3] by "cqt:2[lambda]"
3338  moreover AOT_have y [F]x1x2y] by "cqt:2[lambda]"
3339  ultimately AOT_have x1y [F]yx2x3] and x2y [F]x1yx3] and x3y [F]x1x2y]
3340    using encoding[axiom_inst, unvarify F] "→E" by blast+
3341  note A = this
3342  AOT_have B: (x1y [F]yx2x3] & x2y [F]x1yx3] & x3y [F]x1x2y])
3343    by (rule "KBasic:3"[THEN "≡E"(2)] "&I" A)+
3344  AOT_thus x1x2x3[F]
3345    by (rule "nary-encoding[3]"[axiom_inst, THEN RN, THEN "KBasic:6"[THEN "→E"], THEN "≡E"(2)])
3346qed
3347
3348AOT_theorem "pre-en-eq:1[4]": x1x2x3x4[F]  x1x2x3x4[F]
3349proof (rule "→I")
3350  AOT_assume x1x2x3x4[F]
3351  AOT_hence x1y [F]yx2x3x4] and x2y [F]x1yx3x4] and x3y [F]x1x2yx4] and  x4y [F]x1x2x3y]
3352    using "nary-encoding[4]"[axiom_inst, THEN "≡E"(1)] "&E" by metis+
3353  moreover AOT_have y [F]yx2x3x4] by "cqt:2[lambda]"
3354  moreover AOT_have y [F]x1yx3x4] by "cqt:2[lambda]"
3355  moreover AOT_have y [F]x1x2yx4] by "cqt:2[lambda]"
3356  moreover AOT_have y [F]x1x2x3y] by "cqt:2[lambda]"
3357  ultimately AOT_have x1y [F]yx2x3x4] and x2y [F]x1yx3x4] and x3y [F]x1x2yx4] and x4y [F]x1x2x3y]
3358    using "→E" encoding[axiom_inst, unvarify F] by blast+
3359  note A = this
3360  AOT_have B: (x1y [F]yx2x3x4] & x2y [F]x1yx3x4] & x3y [F]x1x2yx4] & x4y [F]x1x2x3y])
3361    by (rule "KBasic:3"[THEN "≡E"(2)] "&I" A)+
3362  AOT_thus x1x2x3x4[F]
3363    by (rule "nary-encoding[4]"[axiom_inst, THEN RN, THEN "KBasic:6"[THEN "→E"], THEN "≡E"(2)])
3364qed
3365
3366AOT_theorem "pre-en-eq:2[1]": ¬x1[F]  ¬x1[F]
3367proof (rule "→I"; rule "raa-cor:1")
3368  AOT_assume ¬¬x1[F]
3369  AOT_hence x1[F]
3370    by (rule "conventions:5"[THEN "≡dfI"])
3371  AOT_hence x1[F]
3372    by(rule "S5Basic:13"[THEN "≡E"(1), OF  "pre-en-eq:1[1]"[THEN RN], THEN "qml:2"[axiom_inst, THEN "→E"], THEN "→E"])
3373  moreover AOT_assume ¬x1[F]
3374  ultimately AOT_show x1[F] & ¬x1[F] by (rule "&I")
3375qed
3376AOT_theorem "pre-en-eq:2[2]": ¬x1x2[F]  ¬x1x2[F]
3377proof (rule "→I"; rule "raa-cor:1")
3378  AOT_assume ¬¬x1x2[F]
3379  AOT_hence x1x2[F]
3380    by (rule "conventions:5"[THEN "≡dfI"])
3381  AOT_hence x1x2[F]
3382    by(rule "S5Basic:13"[THEN "≡E"(1), OF  "pre-en-eq:1[2]"[THEN RN], THEN "qml:2"[axiom_inst, THEN "→E"], THEN "→E"])
3383  moreover AOT_assume ¬x1x2[F]
3384  ultimately AOT_show x1x2[F] & ¬x1x2[F] by (rule "&I")
3385qed
3386
3387AOT_theorem "pre-en-eq:2[3]": ¬x1x2x3[F]  ¬x1x2x3[F]
3388proof (rule "→I"; rule "raa-cor:1")
3389  AOT_assume ¬¬x1x2x3[F]
3390  AOT_hence x1x2x3[F]
3391    by (rule "conventions:5"[THEN "≡dfI"])
3392  AOT_hence x1x2x3[F]
3393    by(rule "S5Basic:13"[THEN "≡E"(1), OF  "pre-en-eq:1[3]"[THEN RN], THEN "qml:2"[axiom_inst, THEN "→E"], THEN "→E"])
3394  moreover AOT_assume ¬x1x2x3[F]
3395  ultimately AOT_show x1x2x3[F] & ¬x1x2x3[F] by (rule "&I")
3396qed
3397
3398AOT_theorem "pre-en-eq:2[4]": ¬x1x2x3x4[F]  ¬x1x2x3x4[F]
3399proof (rule "→I"; rule "raa-cor:1")
3400  AOT_assume ¬¬x1x2x3x4[F]
3401  AOT_hence x1x2x3x4[F]
3402    by (rule "conventions:5"[THEN "≡dfI"])
3403  AOT_hence x1x2x3x4[F]
3404    by(rule "S5Basic:13"[THEN "≡E"(1), OF  "pre-en-eq:1[4]"[THEN RN], THEN "qml:2"[axiom_inst, THEN "→E"], THEN "→E"])
3405  moreover AOT_assume ¬x1x2x3x4[F]
3406  ultimately AOT_show x1x2x3x4[F] & ¬x1x2x3x4[F] by (rule "&I")
3407qed
3408
3409AOT_theorem "en-eq:1[1]": x1[F]  x1[F]
3410  using "pre-en-eq:1[1]"[THEN RN] "sc-eq-box-box:2" "∨I" "→E" by metis
3411AOT_theorem "en-eq:1[2]": x1x2[F]  x1x2[F]
3412  using "pre-en-eq:1[2]"[THEN RN] "sc-eq-box-box:2" "∨I" "→E" by metis
3413AOT_theorem "en-eq:1[3]": x1x2x3[F]  x1x2x3[F]
3414  using "pre-en-eq:1[3]"[THEN RN] "sc-eq-box-box:2" "∨I" "→E" by fast
3415AOT_theorem "en-eq:1[4]": x1x2x3x4[F]  x1x2x3x4[F]
3416  using "pre-en-eq:1[4]"[THEN RN] "sc-eq-box-box:2" "∨I" "→E" by fast
3417
3418AOT_theorem "en-eq:2[1]": x1[F]  x1[F]
3419  by (simp add: "≡I" "pre-en-eq:1[1]" "qml:2"[axiom_inst])
3420AOT_theorem "en-eq:2[2]": x1x2[F]  x1x2[F]
3421  by (simp add: "≡I" "pre-en-eq:1[2]" "qml:2"[axiom_inst])
3422AOT_theorem "en-eq:2[3]": x1x2x3[F]  x1x2x3[F]
3423  by (simp add: "≡I" "pre-en-eq:1[3]" "qml:2"[axiom_inst])
3424AOT_theorem "en-eq:2[4]": x1x2x3x4[F]  x1x2x3x4[F]
3425  by (simp add: "≡I" "pre-en-eq:1[4]" "qml:2"[axiom_inst])
3426
3427AOT_theorem "en-eq:3[1]": x1[F]  x1[F]
3428  using "T◇" "derived-S5-rules:2"[where Γ="{}", OF "pre-en-eq:1[1]"] "≡I" by blast
3429AOT_theorem "en-eq:3[2]": x1x2[F]  x1x2[F]
3430  using "T◇" "derived-S5-rules:2"[where Γ="{}", OF "pre-en-eq:1[2]"] "≡I" by blast
3431AOT_theorem "en-eq:3[3]": x1x2x3[F]  x1x2x3[F]
3432  using "T◇" "derived-S5-rules:2"[where Γ="{}", OF "pre-en-eq:1[3]"] "≡I" by blast
3433AOT_theorem "en-eq:3[4]": x1x2x3x4[F]  x1x2x3x4[F]
3434  using "T◇" "derived-S5-rules:2"[where Γ="{}", OF "pre-en-eq:1[4]"] "≡I" by blast
3435
3436AOT_theorem "en-eq:4[1]": (x1[F]  y1[G])  (x1[F]  y1[G])
3437  apply (rule "≡I"; rule "→I"; rule "≡I"; rule "→I")
3438  using "qml:2"[axiom_inst, THEN "→E"] "≡E"(1,2) "en-eq:2[1]" by blast+
3439AOT_theorem "en-eq:4[2]": (x1x2[F]  y1y2[G])  (x1x2[F]  y1y2[G])
3440  apply (rule "≡I"; rule "→I"; rule "≡I"; rule "→I")
3441  using "qml:2"[axiom_inst, THEN "→E"] "≡E"(1,2) "en-eq:2[2]" by blast+
3442AOT_theorem "en-eq:4[3]": (x1x2x3[F]  y1y2y3[G])  (x1x2x3[F]  y1y2y3[G])
3443  apply (rule "≡I"; rule "→I"; rule "≡I"; rule "→I")
3444  using "qml:2"[axiom_inst, THEN "→E"] "≡E"(1,2) "en-eq:2[3]" by blast+
3445AOT_theorem "en-eq:4[4]": (x1x2x3x4[F]  y1y2y3y4[G])  (x1x2x3x4[F]  y1y2y3y4[G])
3446  apply (rule "≡I"; rule "→I"; rule "≡I"; rule "→I")
3447  using "qml:2"[axiom_inst, THEN "→E"] "≡E"(1,2) "en-eq:2[4]" by blast+
3448
3449AOT_theorem "en-eq:5[1]": (x1[F]  y1[G])  (x1[F]  y1[G])
3450  apply (rule "≡I"; rule "→I")
3451  using "en-eq:4[1]"[THEN "≡E"(1)] "qml:2"[axiom_inst, THEN "→E"] apply blast
3452  using "sc-eq-box-box:4"[THEN "→E", THEN "→E"]
3453        "&I"[OF "pre-en-eq:1[1]"[THEN RN], OF "pre-en-eq:1[1]"[THEN RN]] by blast
3454AOT_theorem "en-eq:5[2]": (x1x2[F]  y1y2[G])  (x1x2[F]  y1y2[G])
3455  apply (rule "≡I"; rule "→I")
3456  using "en-eq:4[2]"[THEN "≡E"(1)] "qml:2"[axiom_inst, THEN "→E"] apply blast
3457  using "sc-eq-box-box:4"[THEN "→E", THEN "→E"]
3458        "&I"[OF "pre-en-eq:1[2]"[THEN RN], OF "pre-en-eq:1[2]"[THEN RN]] by blast
3459AOT_theorem "en-eq:5[3]": (x1x2x3[F]  y1y2y3[G])  (x1x2x3[F]  y1y2y3[G])
3460  apply (rule "≡I"; rule "→I")
3461  using "en-eq:4[3]"[THEN "≡E"(1)] "qml:2"[axiom_inst, THEN "→E"] apply blast
3462  using "sc-eq-box-box:4"[THEN "→E", THEN "→E"]
3463        "&I"[OF "pre-en-eq:1[3]"[THEN RN], OF "pre-en-eq:1[3]"[THEN RN]] by blast
3464AOT_theorem "en-eq:5[4]": (x1x2x3x4[F]  y1y2y3y4[G])  (x1x2x3x4[F]  y1y2y3y4[G])
3465  apply (rule "≡I"; rule "→I")
3466  using "en-eq:4[4]"[THEN "≡E"(1)] "qml:2"[axiom_inst, THEN "→E"] apply blast
3467  using "sc-eq-box-box:4"[THEN "→E", THEN "→E"]
3468        "&I"[OF "pre-en-eq:1[4]"[THEN RN], OF "pre-en-eq:1[4]"[THEN RN]] by blast
3469
3470AOT_theorem "en-eq:6[1]": (x1[F]  y1[G])  (x1[F]  y1[G])
3471  using "en-eq:5[1]"[symmetric] "en-eq:4[1]" "≡E"(5) by fast
3472AOT_theorem "en-eq:6[2]": (x1x2[F]  y1y2[G])  (x1x2[F]  y1y2[G])
3473  using "en-eq:5[2]"[symmetric] "en-eq:4[2]" "≡E"(5) by fast
3474AOT_theorem "en-eq:6[3]": (x1x2x3[F]  y1y2y3[G])  (x1x2x3[F]  y1y2y3[G])
3475  using "en-eq:5[3]"[symmetric] "en-eq:4[3]" "≡E"(5) by fast
3476AOT_theorem "en-eq:6[4]": (x1x2x3x4[F]  y1y2y3y4[G])  (x1x2x3x4[F]  y1y2y3y4[G])
3477  using "en-eq:5[4]"[symmetric] "en-eq:4[4]" "≡E"(5) by fast
3478
3479AOT_theorem "en-eq:7[1]": ¬x1[F]  ¬x1[F]
3480  using "pre-en-eq:2[1]" "qml:2"[axiom_inst] "≡I" by blast
3481AOT_theorem "en-eq:7[2]": ¬x1x2[F]  ¬x1x2[F]
3482  using "pre-en-eq:2[2]" "qml:2"[axiom_inst] "≡I" by blast
3483AOT_theorem "en-eq:7[3]": ¬x1x2x3[F]  ¬x1x2x3[F]
3484  using "pre-en-eq:2[3]" "qml:2"[axiom_inst] "≡I" by blast
3485AOT_theorem "en-eq:7[4]": ¬x1x2x3x4[F]  ¬x1x2x3x4[F]
3486  using "pre-en-eq:2[4]" "qml:2"[axiom_inst] "≡I" by blast
3487
3488AOT_theorem "en-eq:8[1]": ¬x1[F]  ¬x1[F]
3489  using "en-eq:2[1]"[THEN "oth-class-taut:4:b"[THEN "≡E"(1)]] "KBasic:11" "≡E"(5)[symmetric] by blast
3490AOT_theorem "en-eq:8[2]": ¬x1x2[F]  ¬x1x2[F]
3491  using "en-eq:2[2]"[THEN "oth-class-taut:4:b"[THEN "≡E"(1)]] "KBasic:11" "≡E"(5)[symmetric] by blast
3492AOT_theorem "en-eq:8[3]": ¬x1x2x3[F]  ¬x1x2x3[F]
3493  using "en-eq:2[3]"[THEN "oth-class-taut:4:b"[THEN "≡E"(1)]] "KBasic:11" "≡E"(5)[symmetric] by blast
3494AOT_theorem "en-eq:8[4]": ¬x1x2x3x4[F]  ¬x1x2x3x4[F]
3495  using "en-eq:2[4]"[THEN "oth-class-taut:4:b"[THEN "≡E"(1)]] "KBasic:11" "≡E"(5)[symmetric] by blast
3496
3497AOT_theorem "en-eq:9[1]": ¬x1[F]  ¬x1[F]
3498  using "en-eq:7[1]" "en-eq:8[1]" "≡E"(5) by blast
3499AOT_theorem "en-eq:9[2]": ¬x1x2[F]  ¬x1x2[F]
3500  using "en-eq:7[2]" "en-eq:8[2]" "≡E"(5) by blast
3501AOT_theorem "en-eq:9[3]": ¬x1x2x3[F]  ¬x1x2x3[F]
3502  using "en-eq:7[3]" "en-eq:8[3]" "≡E"(5) by blast
3503AOT_theorem "en-eq:9[4]": ¬x1x2x3x4[F]  ¬x1x2x3x4[F]
3504  using "en-eq:7[4]" "en-eq:8[4]" "≡E"(5) by blast
3505
3506AOT_theorem "en-eq:10[1]": 𝒜x1[F]  x1[F]
3507  by (metis "Act-Sub:3" "deduction-theorem" "≡I" "≡E"(1) "nec-imp-act" "en-eq:3[1]" "pre-en-eq:1[1]")
3508AOT_theorem "en-eq:10[2]": 𝒜x1x2[F]  x1x2[F]
3509  by (metis "Act-Sub:3" "deduction-theorem" "≡I" "≡E"(1) "nec-imp-act" "en-eq:3[2]" "pre-en-eq:1[2]")
3510AOT_theorem "en-eq:10[3]": 𝒜x1x2x3[F]  x1x2x3[F]
3511  by (metis "Act-Sub:3" "deduction-theorem" "≡I" "≡E"(1) "nec-imp-act" "en-eq:3[3]" "pre-en-eq:1[3]")
3512AOT_theorem "en-eq:10[4]": 𝒜x1x2x3x4[F]  x1x2x3x4[F]
3513  by (metis "Act-Sub:3" "deduction-theorem" "≡I" "≡E"(1) "nec-imp-act" "en-eq:3[4]" "pre-en-eq:1[4]")
3514
3515AOT_theorem "oa-facts:1": O!x  O!x
3516proof(rule "→I")
3517  AOT_modally_strict {
3518    AOT_have x E!x]x  E!x
3519      by (rule "lambda-predicates:2"[axiom_inst, THEN "→E"]) "cqt:2[lambda]"
3520  } note θ = this
3521  AOT_assume O!x
3522  AOT_hence x E!x]x
3523    by (rule "=dfE"(2)[OF AOT_ordinary, rotated 1]) "cqt:2[lambda]"
3524  AOT_hence E!x using θ[THEN "≡E"(1)] by blast
3525  AOT_hence E!x using "qml:3"[axiom_inst, THEN "→E"] by blast
3526  AOT_hence x E!x]x
3527    by (AOT_subst x E!x]x E!x)
3528       (auto simp: θ)
3529  AOT_thus O!x
3530    by (rule "=dfI"(2)[OF AOT_ordinary, rotated 1]) "cqt:2[lambda]"
3531qed
3532
3533AOT_theorem "oa-facts:2": A!x  A!x
3534proof(rule "→I")
3535  AOT_modally_strict {
3536    AOT_have x ¬E!x]x  ¬E!x
3537      by (rule "lambda-predicates:2"[axiom_inst, THEN "→E"]) "cqt:2[lambda]"
3538  } note θ = this
3539  AOT_assume A!x
3540  AOT_hence x ¬E!x]x
3541    by (rule "=dfE"(2)[OF AOT_abstract, rotated 1]) "cqt:2[lambda]"
3542  AOT_hence ¬E!x using θ[THEN "≡E"(1)] by blast
3543  AOT_hence ¬E!x using "KBasic2:1"[THEN "≡E"(2)] by blast
3544  AOT_hence ¬E!x using "4"[THEN "→E"] by blast
3545  AOT_hence ¬E!x
3546    using "KBasic2:1"
3547    by (AOT_subst (reverse) ¬E!x ¬E!x) blast
3548  AOT_hence x ¬E!x]x
3549    by (AOT_subst x ¬E!x]x ¬E!x)
3550       (auto simp: θ)
3551  AOT_thus A!x
3552    by (rule "=dfI"(2)[OF AOT_abstract, rotated 1]) "cqt:2[lambda]"
3553qed
3554
3555AOT_theorem "oa-facts:3": O!x  O!x
3556  using "oa-facts:1" "B◇" "RM◇" "Hypothetical Syllogism" by blast
3557AOT_theorem "oa-facts:4": A!x  A!x
3558  using "oa-facts:2" "B◇" "RM◇" "Hypothetical Syllogism" by blast
3559
3560AOT_theorem "oa-facts:5": O!x  O!x
3561  by (meson "Act-Sub:3" "Hypothetical Syllogism" "≡I" "nec-imp-act" "oa-facts:1" "oa-facts:3")
3562
3563AOT_theorem "oa-facts:6": A!x  A!x
3564  by (meson "Act-Sub:3" "Hypothetical Syllogism" "≡I" "nec-imp-act" "oa-facts:2" "oa-facts:4")
3565
3566AOT_theorem "oa-facts:7": O!x  𝒜O!x
3567  by (meson "Act-Sub:3" "Hypothetical Syllogism" "≡I" "nec-imp-act" "oa-facts:1" "oa-facts:3")
3568
3569AOT_theorem "oa-facts:8": A!x  𝒜A!x
3570  by (meson "Act-Sub:3" "Hypothetical Syllogism" "≡I" "nec-imp-act" "oa-facts:2" "oa-facts:4")
3571
3572subsection‹The Theory of Relations›
3573text‹\label{PLM: 9.10}›
3574
3575AOT_theorem "beta-C-meta": μ1...μn φ{μ1...μn, ν1...νn}]  (μ1...μn φ{μ1...μn, ν1...νn}]ν1...νn  φ{ν1...νn, ν1...νn})
3576  using "lambda-predicates:2"[axiom_inst] by blast
3577
3578AOT_theorem "beta-C-cor:1": (ν1...∀νn(μ1...μn φ{μ1...μn, ν1...νn}]))  ν1...∀νn (μ1...μn φ{μ1...μn, ν1...νn}]ν1...νn  φ{ν1...νn, ν1...νn})
3579  apply (rule "cqt-basic:14"[where 'a='a, THEN "→E"])
3580  using "beta-C-meta" "∀I" by fast
3581
3582AOT_theorem "beta-C-cor:2": μ1...μn φ{μ1...μn}]  ν1...∀νn (μ1...μn φ{μ1...μn}]ν1...νn  φ{ν1...νn})
3583  apply (rule "→I"; rule "∀I")
3584  using "beta-C-meta"[THEN "→E"] by fast
3585
3586(* TODO: syntax + double-check if this is really a faithful representation *)
3587theorem "beta-C-cor:3": assumes ν1νn. AOT_instance_of_cqt_2 (φ (AOT_term_of_var ν1νn))
3588  shows [v  ν1...∀νn (μ1...μn φ{ν1...νn,μ1...μn}]ν1...νn  φ{ν1...νn,ν1...νn})]
3589  using "cqt:2[lambda]"[axiom_inst, OF assms] "beta-C-cor:1"[THEN "→E"] "∀I" by fast
3590
3591AOT_theorem "betaC:1:a": μ1...μn φ{μ1...μn}]κ1...κn  φ{κ1...κn}
3592proof -
3593  AOT_modally_strict {
3594    AOT_assume μ1...μn φ{μ1...μn}]κ1...κn
3595    moreover AOT_have μ1...μn φ{μ1...μn}] and κ1...κn
3596      using calculation "cqt:5:a"[axiom_inst, THEN "→E"] "&E" by blast+
3597    ultimately AOT_show φ{κ1...κn}
3598      using "beta-C-cor:2"[THEN "→E", THEN "∀E"(1), THEN "≡E"(1)] by blast
3599  }
3600qed
3601
3602AOT_theorem "betaC:1:b": ¬φ{κ1...κn}  ¬μ1...μn φ{μ1...μn}]κ1...κn
3603  using "betaC:1:a" "raa-cor:3" by blast
3604
3605lemmas "β→C" = "betaC:1:a" "betaC:1:b"
3606
3607AOT_theorem "betaC:2:a": μ1...μn φ{μ1...μn}], κ1...κn, φ{κ1...κn}  μ1...μn φ{μ1...μn}]κ1...κn
3608proof -
3609  AOT_modally_strict {
3610    AOT_assume 1: μ1...μn φ{μ1...μn}] and 2: κ1...κn and 3: φ{κ1...κn}
3611    AOT_hence μ1...μn φ{μ1...μn}]κ1...κn
3612      using "beta-C-cor:2"[THEN "→E", OF 1, THEN "∀E"(1), THEN "≡E"(2)] by blast
3613  }
3614  AOT_thus μ1...μn φ{μ1...μn}], κ1...κn, φ{κ1...κn}  μ1...μn φ{μ1...μn}]κ1...κn
3615    by blast
3616qed
3617
3618AOT_theorem "betaC:2:b": μ1...μn φ{μ1...μn}], κ1...κn, ¬μ1...μn φ{μ1...μn}]κ1...κn  ¬φ{κ1...κn}
3619  using "betaC:2:a" "raa-cor:3" by blast
3620
3621lemmas "β←C" = "betaC:2:a" "betaC:2:b"
3622
3623AOT_theorem "eta-conversion-lemma1:1": Π  x1...xn [Π]x1...xn] = Π
3624  using "lambda-predicates:3"[axiom_inst] "∀I" "∀E"(1) "→I" by fast
3625
3626AOT_theorem "eta-conversion-lemma1:2": Π  ν1...νn [Π]ν1...νn] = Π
3627  using "eta-conversion-lemma1:1". (* TODO: spurious in the embedding *)
3628
3629(* match (τ) in "λa . ?b" ⇒ ‹match (τ') in "λa . ?b" ⇒ ‹fail›› ¦ _ ⇒ ‹ *)
3630
3631text‹Note: not explicitly part of PLM.›
3632AOT_theorem id_sym: assumes τ = τ' shows τ' = τ
3633  using "rule=E"[where φ="λ τ' . «τ' = τ»", rotated 1, OF assms]
3634        "=I"(1)[OF "t=t-proper:1"[THEN "→E", OF assms]] by auto
3635declare id_sym[sym]
3636
3637text‹Note: not explicitly part of PLM.›
3638AOT_theorem id_trans: assumes τ = τ' and τ' = τ'' shows τ = τ''
3639  using "rule=E" assms by blast
3640declare id_trans[trans]
3641
3642method "ηC" for Π :: <'a::{AOT_Term_id_2,AOT_κs}> = (match conclusion in "[v  τ{Π} = τ'{Π}]" for v τ τ'  3643rule "rule=E"[rotated 1, OF "eta-conversion-lemma1:2"[THEN "→E", of v "«[Π]»", symmetric]]
3644)
3645(*
3646AOT_theorem ‹[λy [λz [P]z]y → [λu [S]u]y] = [λy [P]y → [S]y]›
3647  apply ("ηC" "«[P]»") defer
3648   apply ("ηC" "«[S]»") defer
3649  oops
3650*)
3651(* TODO: proper representation of eta_conversion_lemma2 *)
3652
3653AOT_theorem "sub-des-lam:1": z1...zn  χ{z1...zn, ιx φ{x}}] & ιx φ{x} = ιx ψ{x}  z1...zn χ{z1...zn, ιx φ{x}}] = z1...zn χ{z1...zn, ιx ψ{x}}]
3654proof(rule "→I")
3655  AOT_assume A: z1...zn  χ{z1...zn, ιx φ{x}}] & ιx φ{x} = ιx ψ{x}
3656  AOT_show z1...zn χ{z1...zn, ιx φ{x}}] = z1...zn χ{z1...zn, ιx ψ{x}}]
3657    using "rule=E"[where φ="λ τ . «z1...zn χ{z1...zn, ιx φ{x}}] = z1...zn χ{z1...zn, τ}]»",
3658               OF "=I"(1)[OF A[THEN "&E"(1)]], OF A[THEN "&E"(2)]]
3659    by blast
3660qed
3661
3662AOT_theorem "sub-des-lam:2": ιx φ{x} = ιx ψ{x}  χ{ιx φ{x}} = χ{ιx ψ{x}} for χ :: ‹κ  𝗈›
3663  using "rule=E"[where φ="λ τ . «χ{ιx φ{x}} = χ{τ}»", OF "=I"(1)[OF "log-prop-prop:2"]] "→I" by blast
3664
3665AOT_theorem "prop-equiv": F = G  x (x[F]  x[G])
3666proof(rule "≡I"; rule "→I")
3667  AOT_assume F = G
3668  AOT_thus x (x[F]  x[G])
3669    by (rule "rule=E"[rotated]) (fact "oth-class-taut:3:a"[THEN GEN])
3670next
3671  AOT_assume x (x[F]  x[G])
3672  AOT_hence x[F]  x[G] for x using "∀E" by blast
3673  AOT_hence (x[F]  x[G]) for x using "en-eq:6[1]"[THEN "≡E"(1)] by blast
3674  AOT_hence x (x[F]  x[G]) by (rule GEN)
3675  AOT_hence x (x[F]  x[G]) using BF[THEN "→E"] by fast
3676  AOT_thus "F = G" using "p-identity-thm2:1"[THEN "≡E"(2)] by blast
3677qed
3678
3679AOT_theorem "relations:1":
3680  assumes INSTANCE_OF_CQT_2(φ)
3681  shows F x1...∀xn ([F]x1...xn  φ{x1...xn})
3682  apply (rule "∃I"(1)[where τ="«x1...xn φ{x1...xn}]»"])
3683  using "cqt:2[lambda]"[OF assms, axiom_inst] "beta-C-cor:2"[THEN "→E", THEN RN] by blast+
3684
3685AOT_theorem "relations:2":
3686  assumes INSTANCE_OF_CQT_2(φ)
3687  shows F x ([F]x  φ{x})
3688  using "relations:1" assms by blast
3689
3690AOT_theorem "block-paradox:1": ¬x G (x[G] & ¬[G]x)]
3691proof(rule RAA(2))
3692  let ="λ τ. «G (τ[G] & ¬[G]τ)»"
3693  AOT_assume A: x « x»]
3694  AOT_have x (A!x & F (x[F]  F = x « x»]))
3695    using "A-objects"[axiom_inst] by fast
3696  then AOT_obtain a where ξ: A!a & F (a[F]  F = x « x»])
3697    using "∃E"[rotated] by blast
3698  AOT_show ¬x G (x[G] & ¬[G]x)]
3699  proof (rule "∨E"(1)[OF "exc-mid"]; rule "→I")
3700    AOT_assume B: x « x»]a
3701    AOT_hence G (a[G] & ¬[G]a) using "β→C" A by blast
3702    then AOT_obtain P where a[P] & ¬[P]a using "∃E"[rotated] by blast
3703    moreover AOT_have P = x « x»]
3704      using ξ[THEN "&E"(2), THEN "∀E"(2), THEN "≡E"(1)] calculation[THEN "&E"(1)] by blast
3705    ultimately AOT_have ¬x « x»]a
3706      using "rule=E" "&E"(2) by fast
3707    AOT_thus ¬x G (x[G] & ¬[G]x)] using B RAA by blast
3708  next
3709    AOT_assume B: ¬x « x»]a
3710    AOT_hence ¬G (a[G] & ¬[G]a) using "β←C" "cqt:2[const_var]"[of a, axiom_inst] A by blast
3711    AOT_hence C: G ¬(a[G] & ¬[G]a) using "cqt-further:4"[THEN "→E"] by blast
3712    AOT_have G (a[G]  [G]a)
3713      by (AOT_subst a[G]  [G]a ¬(a[G] & ¬[G]a) for: G)
3714         (auto simp: "oth-class-taut:1:a" C)
3715    AOT_hence ax « x»]  x « x»]a using "∀E" A by blast
3716    moreover AOT_have ax « x»] using ξ[THEN "&E"(2), THEN "∀E"(1), OF A, THEN "≡E"(2)]
3717      using "=I"(1)[OF A] by blast
3718    ultimately AOT_show ¬x G (x[G] & ¬[G]x)] using B "→E" RAA by blast
3719  qed
3720qed(simp)
3721
3722AOT_theorem "block-paradox:2": ¬F x([F]x  G(x[G] & ¬[G]x))
3723proof(rule RAA(2))
3724  AOT_assume F x ([F]x  G (x[G] & ¬[G]x))
3725  then AOT_obtain F where F_prop: x ([F]x  G (x[G] & ¬[G]x)) using "∃E"[rotated] by blast
3726  AOT_have x (A!x & G (x[G]  G = F))
3727    using "A-objects"[axiom_inst] by fast
3728  then AOT_obtain a where ξ: A!a & G (a[G]  G = F)
3729    using "∃E"[rotated] by blast
3730  AOT_show ¬F x([F]x  G(x[G] & ¬[G]x))
3731  proof (rule "∨E"(1)[OF "exc-mid"]; rule "→I")
3732    AOT_assume B: [F]a
3733    AOT_hence G (a[G] & ¬[G]a) using F_prop[THEN "∀E"(2), THEN "≡E"(1)] by blast
3734    then AOT_obtain P where a[P] & ¬[P]a using "∃E"[rotated] by blast
3735    moreover AOT_have P = F
3736      using ξ[THEN "&E"(2), THEN "∀E"(2), THEN "≡E"(1)] calculation[THEN "&E"(1)] by blast
3737    ultimately AOT_have ¬[F]a
3738      using "rule=E" "&E"(2) by fast
3739    AOT_thus ¬F x([F]x  G(x[G] & ¬[G]x)) using B RAA by blast
3740  next
3741    AOT_assume B: ¬[F]a
3742    AOT_hence ¬G (a[G] & ¬[G]a)
3743      using "oth-class-taut:4:b"[THEN "≡E"(1), OF F_prop[THEN "∀E"(2)[of _ _ a]], THEN "≡E"(1)] by simp
3744    AOT_hence C: G ¬(a[G] & ¬[G]a) using "cqt-further:4"[THEN "→E"] by blast
3745    AOT_have G (a[G]  [G]a)
3746      by (AOT_subst a[G]  [G]a ¬(a[G] & ¬[G]a) for: G)
3747         (auto simp: "oth-class-taut:1:a" C)
3748    AOT_hence a[F]  [F]a using "∀E" by blast
3749    moreover AOT_have a[F] using ξ[THEN "&E"(2), THEN "∀E"(2), of F, THEN "≡E"(2)]
3750      using "=I"(2) by blast
3751    ultimately AOT_show ¬F x([F]x  G(x[G] & ¬[G]x)) using B "→E" RAA by blast
3752  qed
3753qed(simp)
3754
3755AOT_theorem "block-paradox:3": ¬y z z = y]
3756proof(rule RAA(2))
3757  AOT_assume θ: y z z = y]
3758  AOT_have x (A!x & F (x[F]  y(F = z z = y] & ¬y[F])))
3759    using "A-objects"[axiom_inst] by force
3760  then AOT_obtain a where a_prop: A!a & F (a[F]  y (F = z z = y] & ¬y[F]))
3761    using "∃E"[rotated] by blast
3762  AOT_have ζ: az z = a]  y (z z = a] = z z = y] & ¬yz z = a])
3763    using θ[THEN "∀E"(2)] a_prop[THEN "&E"(2), THEN "∀E"(1)] by blast
3764  AOT_show ¬y z z = y]
3765  proof (rule "∨E"(1)[OF "exc-mid"]; rule "→I")
3766    AOT_assume A: az z = a]
3767    AOT_hence y (z z = a] = z z = y] & ¬yz z = a])
3768      using ζ[THEN "≡E"(1)] by blast
3769    then AOT_obtain b where b_prop: z z = a] = z z = b] & ¬bz z = a]
3770      using "∃E"[rotated] by blast
3771    moreover AOT_have a = a by (rule "=I")
3772    moreover AOT_have z z = a] using θ "∀E" by blast
3773    moreover AOT_have a using "cqt:2[const_var]"[axiom_inst] .
3774    ultimately AOT_have z z = a]a using "β←C" by blast
3775    AOT_hence z z = b]a using "rule=E" b_prop[THEN "&E"(1)] by fast
3776    AOT_hence a = b using "β→C" by blast
3777    AOT_hence bz z = a] using A "rule=E" by fast
3778    AOT_thus ¬y z z = y] using b_prop[THEN "&E"(2)] RAA by blast
3779  next
3780    AOT_assume A: ¬az z = a]
3781    AOT_hence ¬y (z z = a] = z z = y] & ¬yz z = a])
3782      using ζ "oth-class-taut:4:b"[THEN "≡E"(1), THEN "≡E"(1)] by blast
3783    AOT_hence y ¬(z z = a] = z z = y] & ¬yz z = a])
3784      using "cqt-further:4"[THEN "→E"] by blast
3785    AOT_hence ¬(z z = a] = z z = a] & ¬az z = a])
3786      using "∀E" by blast
3787    AOT_hence z z = a] = z z = a]  az z = a]
3788      by (metis "&I" "deduction-theorem" "raa-cor:4")
3789    AOT_hence az z = a] using "=I"(1) θ[THEN "∀E"(2)] "→E" by blast
3790    AOT_thus ¬y z z = y] using A RAA by blast
3791  qed
3792qed(simp)
3793
3794AOT_theorem "block-paradox:4": ¬y F x([F]x  x = y)
3795proof(rule RAA(2))
3796  AOT_assume θ: y F x([F]x  x = y)
3797  AOT_have x (A!x & F (x[F]  z (y([F]y  y = z) & ¬z[F])))
3798    using "A-objects"[axiom_inst] by force
3799  then AOT_obtain a where a_prop: A!a & F (a[F]  z (y([F]y  y = z) & ¬z[F]))
3800    using "∃E"[rotated] by blast
3801  AOT_obtain F where F_prop: x ([F]x  x = a) using θ[THEN "∀E"(2)] "∃E"[rotated] by blast
3802  AOT_have ζ: a[F]  z (y ([F]y  y = z) & ¬z[F])
3803    using a_prop[THEN "&E"(2), THEN "∀E"(2)] by blast
3804  AOT_show ¬y F x([F]x  x = y)
3805  proof (rule "∨E"(1)[OF "exc-mid"]; rule "→I")
3806    AOT_assume A: a[F]
3807    AOT_hence z (y ([F]y  y = z) & ¬z[F])
3808      using ζ[THEN "≡E"(1)] by blast
3809    then AOT_obtain b where b_prop: y ([F]y  y = b) & ¬b[F]
3810      using "∃E"[rotated] by blast
3811    moreover AOT_have [F]a using F_prop[THEN "∀E"(2), THEN "≡E"(2)] "=I"(2) by blast
3812    ultimately AOT_have a = b using "∀E"(2) "≡E"(1) "&E" by fast
3813    AOT_hence a = b using "β→C" by blast
3814    AOT_hence b[F] using A "rule=E" by fast
3815    AOT_thus ¬y F x([F]x  x = y) using b_prop[THEN "&E"(2)] RAA by blast
3816  next
3817    AOT_assume A: ¬a[F]
3818    AOT_hence ¬z (y ([F]y  y = z) & ¬z[F])
3819      using ζ "oth-class-taut:4:b"[THEN "≡E"(1), THEN "≡E"(1)] by blast
3820    AOT_hence z ¬(y ([F]y  y = z) & ¬z[F])
3821      using "cqt-further:4"[THEN "→E"] by blast
3822    AOT_hence ¬(y ([F]y  y = a) & ¬a[F])
3823      using "∀E" by blast
3824    AOT_hence y ([F]y  y = a)  a[F]
3825      by (metis "&I" "deduction-theorem" "raa-cor:4")
3826    AOT_hence a[F] using F_prop "→E" by blast
3827    AOT_thus ¬y F x([F]x  x = y) using A RAA by blast
3828  qed
3829qed(simp)
3830
3831AOT_theorem "block-paradox:5": ¬Fxy([F]xy  y = x)
3832proof(rule "raa-cor:2")
3833  AOT_assume Fxy([F]xy  y = x)
3834  then AOT_obtain F where F_prop: xy([F]xy  y = x) using "∃E"[rotated] by blast
3835  {
3836    fix x
3837    AOT_have 1: y([F]xy  y = x) using F_prop "∀E" by blast
3838    AOT_have 2: z [F]xz] by "cqt:2[lambda]"
3839    moreover AOT_have y(z [F]xz]y  y = x)
3840    proof(rule "∀I")
3841      fix y
3842      AOT_have z [F]xz]y  [F]xy
3843        using "beta-C-meta"[THEN "→E"] 2 by fast
3844      also AOT_have ...  y = x using 1 "∀E"
3845        by fast
3846      finally AOT_show z [F]xz]y  y = x.
3847    qed
3848    ultimately AOT_have Fy([F]y  y = x)
3849      using "∃I" by fast
3850  }
3851  AOT_hence xFy([F]y  y = x)
3852    by (rule GEN)
3853  AOT_thus xFy([F]y  y = x) & ¬xFy([F]y  y = x)
3854    using "&I" "block-paradox:4" by blast
3855qed
3856
3857AOT_act_theorem "block-paradox2:1": x [G]x  ¬x [G]ιy (y = x & H (x[H] & ¬[H]x))]
3858proof(rule "→I"; rule "raa-cor:2")
3859  AOT_assume antecedant: x [G]x
3860  AOT_have Lemma: x ([G]ιy(y = x & H (x[H] & ¬[H]x))  H (x[H] & ¬[H]x))
3861  proof(rule GEN)
3862    fix x
3863    AOT_have A: [G]ιy (y = x & H (x[H] & ¬[H]x))  ∃!y (y = x & H (x[H] & ¬[H]x))
3864    proof(rule "≡I"; rule "→I")
3865      AOT_assume [G]ιy (y = x & H (x[H] & ¬[H]x))
3866      AOT_hence ιy (y = x & H (x[H] & ¬[H]x))
3867        using "cqt:5:a"[axiom_inst, THEN "→E", THEN "&E"(2)] by blast
3868      AOT_thus ∃!y (y = x & H (x[H] & ¬[H]x))
3869        using "1-exists:1"[THEN "≡E"(1)] by blast
3870    next
3871      AOT_assume A: ∃!y (y = x & H (x[H] & ¬[H]x))
3872      AOT_obtain a where a_1: a = x & H (x[H] & ¬[H]x) and a_2: z (z = x & H (x[H] & ¬[H]x)  z = a)
3873        using "uniqueness:1"[THEN "≡dfE", OF A] "&E" "∃E"[rotated] by blast
3874      AOT_have a_3: [G]a
3875        using antecedant "∀E" by blast
3876      AOT_show [G]ιy (y = x & H (x[H] & ¬[H]x))
3877        apply (rule "russell-axiom[exe,1].russell-axiom"[THEN "≡E"(2)])
3878        apply (rule "∃I"(2))
3879        using a_1 a_2 a_3 "&I" by blast
3880    qed
3881    also AOT_have B: ...  H (x[H] & ¬[H]x)
3882    proof (rule "≡I"; rule "→I")
3883      AOT_assume A: ∃!y (y = x & H (x[H] & ¬[H]x))
3884      AOT_obtain a where a = x & H (x[H] & ¬[H]x)
3885        using "uniqueness:1"[THEN "≡dfE", OF A] "&E" "∃E"[rotated] by blast
3886      AOT_thus H (x[H] & ¬[H]x) using "&E" by blast
3887    next
3888      AOT_assume H (x[H] & ¬[H]x)
3889      AOT_hence x = x & H (x[H] & ¬[H]x)
3890        using "id-eq:1" "&I" by blast
3891      moreover AOT_have z (z = x & H (x[H] & ¬[H]x)  z = x)
3892        by (simp add: "Conjunction Simplification"(1) "universal-cor")
3893      ultimately AOT_show ∃!y (y = x & H (x[H] & ¬[H]x))
3894        using "uniqueness:1"[THEN "≡dfI"] "&I" "∃I"(2) by fast
3895    qed
3896    finally AOT_show ([G]ιy(y = x & H (x[H] & ¬[H]x))  H (x[H] & ¬[H]x)) .
3897  qed
3898
3899  AOT_assume A: x [G]ιy (y = x & H (x[H] & ¬[H]x))]
3900  AOT_have θ: x (x [G]ιy (y = x & H (x[H] & ¬[H]x))]x  [G]ιy(y = x & H (x[H] & ¬[H]x)))
3901    using "beta-C-meta"[THEN "→E", OF A] "∀I" by fast
3902  AOT_have x (x [G]ιy (y = x & H (x[H] & ¬[H]x))]x  H (x[H] & ¬[H]x))
3903    using θ Lemma "cqt-basic:10"[THEN "→E"] "&I" by fast
3904  AOT_hence F x ([F]x  H (x[H] & ¬[H]x))
3905    using "∃I"(1) A by fast
3906  AOT_thus (F x ([F]x  H (x[H] & ¬[H]x))) & (¬F x ([F]x  H (x[H] & ¬[H]x)))
3907    using "block-paradox:2" "&I" by blast
3908qed
3909
3910AOT_act_theorem "block-paradox2:2": G ¬x [G]ιy (y = x & H (x[H] & ¬[H]x))]
3911proof(rule "∃I"(1))
3912  AOT_have 0: x p (p p)]
3913    by "cqt:2[lambda]"
3914  moreover AOT_have x x p (p p)]x
3915    apply (rule GEN)
3916    apply (rule "beta-C-cor:2"[THEN "→E", OF 0, THEN "∀E"(2), THEN "≡E"(2)])
3917    using "if-p-then-p" GEN by fast
3918  moreover AOT_have G (x [G]x  ¬x [G]ιy (y = x & H (x[H] & ¬[H]x))])
3919      using "block-paradox2:1" "∀I" by fast
3920  ultimately AOT_show ¬x x p (p p)]ιy (y = x & H (x[H] & ¬[H]x))]
3921    using "∀E"(1) "→E" by blast
3922qed("cqt:2[lambda]")
3923
3924AOT_theorem propositions: p (p  φ)
3925proof(rule "∃I"(1))
3926  AOT_show (φ  φ)
3927    by (simp add: RN "oth-class-taut:3:a")
3928next
3929  AOT_show φ
3930    by (simp add: "log-prop-prop:2")
3931qed
3932
3933AOT_theorem "pos-not-equiv-ne:1": (¬x1...∀xn ([F]x1...xn  [G]x1...xn))  F  G
3934proof (rule "→I")
3935  AOT_assume ¬x1...∀xn ([F]x1...xn  [G]x1...xn)
3936  AOT_hence ¬x1...∀xn ([F]x1...xn  [G]x1...xn)
3937    using "KBasic:11"[THEN "≡E"(2)] by blast
3938  AOT_hence ¬(F = G)
3939    using "id-rel-nec-equiv:1" "modus-tollens:1" by blast
3940  AOT_thus F  G
3941    using "=-infix"[THEN "≡dfI"] by blast
3942qed
3943
3944AOT_theorem "pos-not-equiv-ne:2": (¬(φ{F}  φ{G}))  F  G
3945proof (rule "→I")
3946  AOT_modally_strict {
3947    AOT_have ¬(φ{F}  φ{G})  ¬(F = G)
3948    proof (rule "→I"; rule "raa-cor:2")
3949      AOT_assume 1: F = G
3950      AOT_hence φ{F}  φ{G} using "l-identity"[axiom_inst, THEN "→E"] by blast
3951      moreover {
3952        AOT_have G = F using 1 id_sym by blast
3953        AOT_hence φ{G}  φ{F} using "l-identity"[axiom_inst, THEN "→E"] by blast
3954      }
3955      ultimately AOT_have φ{F}  φ{G} using "≡I" by blast
3956      moreover AOT_assume ¬(φ{F}  φ{G})
3957      ultimately AOT_show (φ{F}  φ{G}) & ¬(φ{F}  φ{G})
3958        using "&I" by blast
3959    qed
3960  }
3961  AOT_hence ¬(φ{F}  φ{G})  ¬(F = G)
3962    using "RM:2[prem]" by blast
3963  moreover AOT_assume ¬(φ{F}  φ{G})
3964  ultimately AOT_have 0: ¬(F = G) using "→E" by blast
3965  AOT_have (F  G)
3966    by (AOT_subst F  G ¬(F = G))
3967       (auto simp: "=-infix" "≡Df" 0)
3968  AOT_thus F  G
3969    using "id-nec2:3"[THEN "→E"] by blast
3970qed
3971
3972AOT_theorem "pos-not-equiv-ne:2[zero]": (¬(φ{p}  φ{q}))  p  q
3973proof (rule "→I")
3974  AOT_modally_strict {
3975    AOT_have ¬(φ{p}  φ{q})  ¬(p = q)
3976    proof (rule "→I"; rule "raa-cor:2")
3977      AOT_assume 1: p = q
3978      AOT_hence φ{p}  φ{q} using "l-identity"[axiom_inst, THEN "→E"] by blast
3979      moreover {
3980        AOT_have q = p using 1 id_sym by blast
3981        AOT_hence φ{q}  φ{p} using "l-identity"[axiom_inst, THEN "→E"] by blast
3982      }
3983      ultimately AOT_have φ{p}  φ{q} using "≡I" by blast
3984      moreover AOT_assume ¬(φ{p}  φ{q})
3985      ultimately AOT_show (φ{p}  φ{q}) & ¬(φ{p}  φ{q})
3986        using "&I" by blast
3987    qed
3988  }
3989  AOT_hence ¬(φ{p}  φ{q})  ¬(p = q)
3990    using "RM:2[prem]" by blast
3991  moreover AOT_assume ¬(φ{p}  φ{q})
3992  ultimately AOT_have 0: ¬(p = q) using "→E" by blast
3993  AOT_have (p  q)
3994    by (AOT_subst p  q ¬(p = q))
3995       (auto simp: 0 "=-infix" "≡Df")
3996  AOT_thus p  q
3997    using "id-nec2:3"[THEN "→E"] by blast
3998qed
3999
4000AOT_theorem "pos-not-equiv-ne:3": (¬x1...∀xn ([F]x1...xn  [G]x1...xn))  F  G
4001  using "→I" "pos-not-equiv-ne:1"[THEN "→E"] "T◇"[THEN "→E"] by blast
4002
4003AOT_theorem "pos-not-equiv-ne:4": (¬(φ{F}  φ{G}))  F  G
4004  using "→I" "pos-not-equiv-ne:2"[THEN "→E"] "T◇"[THEN "→E"] by blast
4005
4006AOT_theorem "pos-not-equiv-ne:4[zero]": (¬(φ{p}  φ{q}))  p  q
4007  using "→I" "pos-not-equiv-ne:2[zero]"[THEN "→E"] "T◇"[THEN "→E"] by blast
4008
4009AOT_define relation_negation ::  Π" ("_-")
4010  "df-relation-negation": "[F]- =df x1...xn ¬[F]x1...xn]"
4011
4012nonterminal φneg
4013syntax "" :: "φneg  τ" ("_")
4014syntax "" :: "φneg  φ" ("'(_')")
4015
4016AOT_define relation_negation_0 :: ‹φ  φneg› ("'(_')-")
4017  "df-relation-negation[zero]": "(p)- =df  ¬p]"
4018
4019AOT_theorem "rel-neg-T:1": x1...xn ¬[Π]x1...xn]
4020  by "cqt:2[lambda]"
4021
4022AOT_theorem "rel-neg-T:1[zero]":  ¬φ]
4023  using "cqt:2[lambda0]"[axiom_inst] by blast
4024
4025AOT_theorem "rel-neg-T:2": [Π]- = x1...xn ¬[Π]x1...xn]
4026  using "=I"(1)[OF "rel-neg-T:1"]
4027  by (rule "=dfI"(1)[OF "df-relation-negation", OF "rel-neg-T:1"])
4028
4029AOT_theorem "rel-neg-T:2[zero]": (φ)- =  ¬φ]
4030  using "=I"(1)[OF "rel-neg-T:1[zero]"]
4031  by (rule "=dfI"(1)[OF "df-relation-negation[zero]", OF "rel-neg-T:1[zero]"])
4032
4033AOT_theorem "rel-neg-T:3": [Π]-
4034  using "=dfI"(1)[OF "df-relation-negation", OF "rel-neg-T:1"] "rel-neg-T:1" by blast
4035
4036AOT_theorem "rel-neg-T:3[zero]": (φ)-
4037  using "log-prop-prop:2" by blast
4038(*  using "=dfI"(1)[OF "df-relation-negation[zero]", OF "rel-neg-T:1[zero]"] "rel-neg-T:1[zero]" by blast *)
4039
4040(* Note: PLM states the zero place case twice *)
4041AOT_theorem "thm-relation-negation:1": [F]-x1...xn  ¬[F]x1...xn
4042proof -
4043  AOT_have [F]-x1...xn  x1...xn ¬[F]x1...xn]x1...xn
4044    using "rule=E"[rotated, OF "rel-neg-T:2"] "rule=E"[rotated, OF "rel-neg-T:2"[THEN id_sym]]
4045    "→I" "≡I" by fast
4046  also AOT_have ...  ¬[F]x1...xn
4047    using "beta-C-meta"[THEN "→E", OF "rel-neg-T:1"] by fast
4048  finally show ?thesis.
4049qed
4050
4051AOT_theorem "thm-relation-negation:2": ¬[F]-x1...xn  [F]x1...xn
4052  apply (AOT_subst [F]x1...xn ¬¬[F]x1...xn)
4053   apply (simp add: "oth-class-taut:3:b")
4054  apply (rule "oth-class-taut:4:b"[THEN "≡E"(1)])
4055  using "thm-relation-negation:1".
4056
4057AOT_theorem "thm-relation-negation:3": ((p)-)  ¬p
4058proof -
4059  AOT_have (p)- =  ¬p] using "rel-neg-T:2[zero]" by blast
4060  AOT_hence ((p)-)   ¬p]
4061    using "df-relation-negation[zero]" "log-prop-prop:2" "oth-class-taut:3:a" "rule-id-df:2:a" by blast
4062  also AOT_have  ¬p]  ¬p
4063    by (simp add: "propositions-lemma:2")
4064  finally show ?thesis.
4065qed
4066
4067AOT_theorem "thm-relation-negation:4": (¬((p)-))  p
4068  using "thm-relation-negation:3"[THEN "≡E"(1)]
4069        "thm-relation-negation:3"[THEN "≡E"(2)]
4070        "≡I" "→I" RAA by metis
4071
4072AOT_theorem "thm-relation-negation:5": [F]  [F]-
4073proof -
4074  AOT_have ¬([F] = [F]-)
4075  proof (rule RAA(2))
4076    AOT_show [F]x1...xn  [F]x1...xn for x1xn
4077      using "if-p-then-p".
4078  next
4079    AOT_assume [F] = [F]-
4080    AOT_hence [F]- = [F] using id_sym by blast
4081    AOT_hence [F]x1...xn  ¬[F]x1...xn for x1xn
4082      using "rule=E" "thm-relation-negation:1" by fast
4083    AOT_thus ¬([F]x1...xn  [F]x1...xn) for x1xn
4084      using "≡E" RAA by metis
4085  qed
4086  thus ?thesis
4087    using "≡dfI" "=-infix" by blast
4088qed
4089
4090AOT_theorem "thm-relation-negation:6": p  (p)-
4091proof -
4092  AOT_have ¬(p = (p)-)
4093  proof (rule RAA(2))
4094    AOT_show p  p
4095      using "if-p-then-p".
4096  next
4097    AOT_assume p = (p)-
4098    AOT_hence (p)- = p using id_sym by blast
4099    AOT_hence p  ¬p
4100      using "rule=E" "thm-relation-negation:3" by fast
4101    AOT_thus ¬(p  p)
4102      using "≡E" RAA by metis
4103  qed
4104  thus ?thesis
4105    using "≡dfI" "=-infix" by blast
4106qed
4107
4108AOT_theorem "thm-relation-negation:7": (p)- = (¬p)
4109  apply (rule "df-relation-negation[zero]"[THEN "=dfE"(1)])
4110  using "cqt:2[lambda0]"[axiom_inst] "rel-neg-T:2[zero]" "propositions-lemma:1" id_trans by blast+
4111
4112AOT_theorem "thm-relation-negation:8": p = q  (¬p) = (¬q)
4113proof(rule "→I")
4114  AOT_assume p = q
4115  moreover AOT_have (¬p) using "log-prop-prop:2".
4116  moreover AOT_have (¬p) = (¬p) using calculation(2) "=I" by blast
4117  ultimately AOT_show (¬p) = (¬q)
4118    using "rule=E" by fast
4119qed
4120
4121AOT_theorem "thm-relation-negation:9": p = q  (p)- = (q)-
4122proof(rule "→I")
4123  AOT_assume p = q
4124  AOT_hence (¬p) = (¬q) using "thm-relation-negation:8" "→E" by blast
4125  AOT_thus (p)- = (q)-
4126    using "thm-relation-negation:7" id_sym id_trans by metis
4127qed
4128
4129AOT_define Necessary :: ‹Π  φ› ("Necessary'(_')")
4130  "contingent-properties:1": Necessary([F]) df x1...∀xn [F]x1...xn
4131
4132AOT_define Necessary0 :: ‹φ  φ› ("Necessary0'(_')")
4133  "contingent-properties:1[zero]": Necessary0(p) df p
4134
4135AOT_define Impossible :: ‹Π  φ› ("Impossible'(_')")
4136  "contingent-properties:2": Impossible([F]) df F & x1...∀xn ¬[F]x1...xn
4137
4138AOT_define Impossible0 :: ‹φ  φ› ("Impossible0'(_')")
4139  "contingent-properties:2[zero]": Impossible0(p) df ¬p
4140
4141AOT_define NonContingent :: ‹Π  φ› ("NonContingent'(_')")
4142  "contingent-properties:3": NonContingent([F]) df Necessary([F])  Impossible([F])
4143
4144AOT_define NonContingent0 :: ‹φ  φ› ("NonContingent0'(_')")
4145  "contingent-properties:3[zero]": NonContingent0(p) df Necessary0(p)  Impossible0(p)
4146
4147AOT_define Contingent :: ‹Π  φ› ("Contingent'(_')")
4148  "contingent-properties:4": Contingent([F]) df F & ¬(Necessary([F])  Impossible([F]))
4149
4150AOT_define Contingent0 :: ‹φ  φ› ("Contingent0'(_')")
4151  "contingent-properties:4[zero]": Contingent0(p) df ¬(Necessary0(p)  Impossible0(p))
4152
4153
4154AOT_theorem "thm-cont-prop:1": NonContingent([F])  NonContingent([F]-)
4155proof (rule "≡I"; rule "→I")
4156  AOT_assume NonContingent([F])
4157  AOT_hence Necessary([F])  Impossible([F])
4158    using "≡dfE"[OF "contingent-properties:3"] by blast
4159  moreover {
4160    AOT_assume Necessary([F])
4161    AOT_hence (x1...∀xn [F]x1...xn)
4162      using "≡dfE"[OF "contingent-properties:1"] by blast
4163    moreover AOT_modally_strict {
4164      AOT_assume x1...∀xn [F]x1...xn
4165      AOT_hence [F]x1...xn for x1xn using "∀E" by blast
4166      AOT_hence ¬[F]-x1...xn for x1xn
4167        by (meson "≡E"(6) "oth-class-taut:3:a" "thm-relation-negation:2" "≡E"(1))
4168      AOT_hence x1...∀xn ¬[F]-x1...xn using "∀I" by fast
4169    }
4170    ultimately AOT_have (x1...∀xn ¬[F]-x1...xn)
4171      using "RN[prem]"[where Γ="{«x1...∀xn [F]x1...xn»}", simplified] by blast
4172    AOT_hence Impossible([F]-)
4173      using "≡Df"[OF "contingent-properties:2", THEN "≡S"(1), OF "rel-neg-T:3", THEN "≡E"(2)]
4174      by blast
4175  }
4176  moreover {
4177    AOT_assume Impossible([F])
4178    AOT_hence (x1...∀xn ¬[F]x1...xn)
4179      using "≡Df"[OF "contingent-properties:2", THEN "≡S"(1), OF "cqt:2[const_var]"[axiom_inst], THEN "≡E"(1)]
4180      by blast
4181    moreover AOT_modally_strict {
4182      AOT_assume x1...∀xn ¬[F]x1...xn
4183      AOT_hence ¬[F]x1...xn for x1xn using "∀E" by blast
4184      AOT_hence [F]-x1...xn for x1xn
4185        by (meson "≡E"(6) "oth-class-taut:3:a" "thm-relation-negation:1" "≡E"(1))
4186      AOT_hence x1...∀xn [F]-x1...xn using "∀I" by fast
4187    }
4188    ultimately AOT_have (x1...∀xn [F]-x1...xn)
4189      using "RN[prem]"[where Γ="{«x1...∀xn ¬[F]x1...xn»}"] by blast
4190    AOT_hence Necessary([F]-)
4191      using "≡dfI"[OF "contingent-properties:1"] by blast
4192  }
4193  ultimately AOT_have Necessary([F]-)  Impossible([F]-)
4194    using "∨E"(1) "∨I" "→I" by metis
4195  AOT_thus NonContingent([F]-)
4196    using "≡dfI"[OF "contingent-properties:3"] by blast
4197next
4198  AOT_assume NonContingent([F]-)
4199  AOT_hence Necessary([F]-)  Impossible([F]-)
4200    using "≡dfE"[OF "contingent-properties:3"] by blast
4201  moreover {
4202    AOT_assume Necessary([F]-)
4203    AOT_hence (x1...∀xn [F]-x1...xn)
4204      using "≡dfE"[OF "contingent-properties:1"] by blast
4205    moreover AOT_modally_strict {
4206      AOT_assume x1...∀xn [F]-x1...xn
4207      AOT_hence [F]-x1...xn for x1xn using "∀E" by blast
4208      AOT_hence ¬[F]x1...xn for x1xn
4209        by (meson "≡E"(6) "oth-class-taut:3:a" "thm-relation-negation:1" "≡E"(2))
4210      AOT_hence x1...∀xn ¬[F]x1...xn using "∀I" by fast
4211    }
4212    ultimately AOT_have x1...∀xn ¬[F]x1...xn
4213      using "RN[prem]"[where Γ="{«x1...∀xn [F]-x1...xn»}"] by blast
4214    AOT_hence Impossible([F])
4215      using "≡Df"[OF "contingent-properties:2", THEN "≡S"(1), OF "cqt:2[const_var]"[axiom_inst], THEN "≡E"(2)]
4216      by blast
4217  }
4218  moreover {
4219    AOT_assume Impossible([F]-)
4220    AOT_hence (x1...∀xn ¬[F]-x1...xn)
4221      using "≡Df"[OF "contingent-properties:2", THEN "≡S"(1), OF "rel-neg-T:3", THEN "≡E"(1)]
4222      by blast
4223    moreover AOT_modally_strict {
4224      AOT_assume x1...∀xn ¬[F]-x1...xn
4225      AOT_hence ¬[F]-x1...xn for x1xn using "∀E" by blast
4226      AOT_hence [F]x1...xn for x1xn 
4227        using "thm-relation-negation:1"[THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(1)]
4228              "useful-tautologies:1"[THEN "→E"] by blast
4229      AOT_hence x1...∀xn [F]x1...xn using "∀I" by fast
4230    }
4231    ultimately AOT_have (x1...∀xn [F]x1...xn)
4232      using "RN[prem]"[where Γ="{«x1...∀xn ¬[F]-x1...xn»}"] by blast
4233    AOT_hence Necessary([F])
4234      using "≡dfI"[OF "contingent-properties:1"] by blast
4235  }
4236  ultimately AOT_have Necessary([F])  Impossible([F])
4237    using "∨E"(1) "∨I" "→I" by metis
4238  AOT_thus NonContingent([F])
4239    using "≡dfI"[OF "contingent-properties:3"] by blast
4240qed
4241
4242AOT_theorem "thm-cont-prop:2": Contingent([F])  x [F]x & x ¬[F]x
4243proof -
4244  AOT_have Contingent([F])  ¬(Necessary([F])  Impossible([F]))
4245    using "contingent-properties:4"[THEN "≡Df", THEN "≡S"(1), OF "cqt:2[const_var]"[axiom_inst]]
4246    by blast
4247  also AOT_have ...  ¬Necessary([F]) & ¬Impossible([F])
4248    using "oth-class-taut:5:d" by fastforce
4249  also AOT_have ...  ¬Impossible([F]) & ¬Necessary([F])
4250    by (simp add: "Commutativity of &")
4251  also AOT_have ...  x [F]x & ¬Necessary([F])
4252  proof (rule "oth-class-taut:4:e"[THEN "→E"])
4253    AOT_have ¬Impossible([F])  ¬¬ x [F]x
4254      apply (rule "oth-class-taut:4:b"[THEN "≡E"(1)])
4255      apply (AOT_subst x [F]x ¬ x ¬[F]x)
4256       apply (simp add: "conventions:4" "≡Df")
4257      apply (AOT_subst (reverse) ¬¬x ¬[F]x x ¬[F]x)
4258       apply (simp add: "oth-class-taut:3:b")
4259      using "contingent-properties:2"[THEN "≡Df", THEN "≡S"(1), OF "cqt:2[const_var]"[axiom_inst]] by blast
4260    also AOT_have ...  x [F]x
4261      using "conventions:5"[THEN "≡Df", symmetric] by blast
4262    finally AOT_show ¬Impossible([F])  x [F]x .
4263  qed
4264  also AOT_have ...  x [F]x & x ¬[F]x
4265  proof (rule "oth-class-taut:4:f"[THEN "→E"])
4266    AOT_have ¬Necessary([F])  ¬¬x ¬[F]x
4267      apply (rule "oth-class-taut:4:b"[THEN "≡E"(1)])
4268      apply (AOT_subst x ¬[F]x ¬ x ¬¬[F]x)
4269       apply (simp add: "conventions:4" "≡Df")
4270      apply (AOT_subst (reverse) ¬¬[F]x [F]x for: x)
4271       apply (simp add: "oth-class-taut:3:b")
4272      apply (AOT_subst (reverse) ¬¬x [F]x x [F]x)
4273      by (auto simp: "oth-class-taut:3:b" "contingent-properties:1" "≡Df")
4274    also AOT_have ...  x ¬[F]x
4275      using "conventions:5"[THEN "≡Df", symmetric] by blast
4276    finally AOT_show ¬Necessary([F])  x ¬[F]x.
4277  qed
4278  finally show ?thesis.
4279qed
4280
4281AOT_theorem "thm-cont-prop:3": Contingent([F])  Contingent([F]-) for F::<κ> AOT_var›
4282proof -
4283  {
4284    fix Π :: <κ>
4285    AOT_assume Π
4286    moreover AOT_have F (Contingent([F])  x [F]x & x ¬[F]x)
4287      using "thm-cont-prop:2" GEN by fast
4288    ultimately  AOT_have Contingent([Π])  x [Π]x & x ¬[Π]x
4289      using "thm-cont-prop:2" "∀E" by fast
4290  } note 1 = this
4291  AOT_have Contingent([F])  x [F]x & x ¬[F]x
4292    using "thm-cont-prop:2" by blast
4293  also AOT_have ...  x ¬[F]x & x [F]x
4294    by (simp add: "Commutativity of &")
4295  also AOT_have ...  x [F]-x & x [F]x
4296    by (AOT_subst [F]-x ¬[F]x for: x)
4297       (auto simp: "thm-relation-negation:1" "oth-class-taut:3:a")
4298  also AOT_have ...  x [F]-x & x ¬[F]-x
4299    by (AOT_subst (reverse) [F]x ¬[F]-x for: x)
4300       (auto simp: "thm-relation-negation:2" "oth-class-taut:3:a")
4301  also AOT_have ...  Contingent([F]-)
4302    using 1[OF "rel-neg-T:3", symmetric] by blast
4303  finally show ?thesis.
4304qed
4305
4306AOT_define concrete_if_concrete :: ‹Π› ("L")  L_def: L =df x E!x  E!x]
4307
4308AOT_theorem "thm-noncont-e-e:1": Necessary(L)
4309proof -
4310  AOT_modally_strict {
4311    fix x
4312    AOT_have x E!x  E!x] by "cqt:2[lambda]"
4313    moreover AOT_have x using "cqt:2[const_var]"[axiom_inst] by blast
4314    moreover AOT_have E!x  E!x using "if-p-then-p" by blast
4315    ultimately AOT_have x E!x  E!x]x
4316      using "β←C" by blast
4317  }
4318  AOT_hence 0: x x E!x  E!x]x
4319    using RN GEN by blast
4320  show ?thesis
4321    apply (rule "=dfI"(2)[OF L_def])
4322     apply "cqt:2[lambda]"
4323    by (rule "contingent-properties:1"[THEN "≡dfI", OF 0])
4324qed
4325
4326AOT_theorem "thm-noncont-e-e:2": Impossible([L]-)
4327proof -
4328  AOT_modally_strict {
4329    fix x
4330
4331    AOT_have 0: F (¬[F]-x  [F]x)
4332      using "thm-relation-negation:2" GEN by fast
4333    AOT_have ¬x E!x  E!x]-x  x E!x  E!x]x
4334      by (rule 0[THEN "∀E"(1)]) "cqt:2[lambda]"
4335    moreover {
4336      AOT_have x E!x  E!x] by "cqt:2[lambda]"
4337      moreover AOT_have x using "cqt:2[const_var]"[axiom_inst] by blast
4338      moreover AOT_have E!x  E!x using "if-p-then-p" by blast
4339      ultimately AOT_have x E!x  E!x]x
4340        using "β←C" by blast
4341    }
4342    ultimately AOT_have ¬x E!x  E!x]-x
4343      using "≡E" by blast
4344  }
4345  AOT_hence 0: x ¬x E!x  E!x]-x
4346    using RN GEN by fast
4347  show ?thesis
4348    apply (rule "=dfI"(2)[OF L_def])
4349     apply "cqt:2[lambda]"
4350    apply (rule "contingent-properties:2"[THEN "≡dfI"]; rule "&I")
4351     using "rel-neg-T:3"
4352     apply blast
4353    using 0
4354    by blast
4355qed
4356
4357AOT_theorem "thm-noncont-e-e:3": NonContingent(L)
4358  using "thm-noncont-e-e:1"
4359  by (rule "contingent-properties:3"[THEN "≡dfI", OF "∨I"(1)])
4360
4361AOT_theorem "thm-noncont-e-e:4": NonContingent([L]-)
4362proof -
4363  AOT_have 0: F (NonContingent([F])  NonContingent([F]-))
4364    using "thm-cont-prop:1" "∀I" by fast
4365  moreover AOT_have 1: L
4366    by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
4367  AOT_show NonContingent([L]-)
4368    using "∀E"(1)[OF 0, OF 1, THEN "≡E"(1), OF "thm-noncont-e-e:3"] by blast
4369qed
4370
4371AOT_theorem "thm-noncont-e-e:5": F G (F  «G::<κ>» & NonContingent([F]) & NonContingent([G]))
4372proof (rule "∃I")+
4373  {
4374    AOT_have F [F]  [F]- using "thm-relation-negation:5" GEN by fast
4375    moreover AOT_have L
4376      by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
4377    ultimately AOT_have L  [L]- using "∀E" by blast
4378  }
4379  AOT_thus L  [L]- & NonContingent(L) & NonContingent([L]-)
4380    using "thm-noncont-e-e:3" "thm-noncont-e-e:4" "&I" by metis
4381next
4382  AOT_show [L]-
4383    using "rel-neg-T:3" by blast
4384next
4385  AOT_show L
4386      by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
4387qed
4388
4389AOT_theorem "lem-cont-e:1": x ([F]x & ¬[F]x)  x (¬[F]x & [F]x)
4390proof -
4391  AOT_have x ([F]x & ¬[F]x)  x ([F]x & ¬[F]x)
4392    using "BF◇" "CBF◇" "≡I" by blast
4393  also AOT_have   x ([F]x &  ¬[F]x)
4394    by (AOT_subst ([F]x & ¬[F]x) [F]x &  ¬[F]x for: x)
4395       (auto simp: "S5Basic:11" "cqt-further:7")
4396  also AOT_have   x (¬[F]x & [F]x)
4397    by (AOT_subst ¬[F]x & [F]x  [F]x & ¬[F]x for: x)
4398       (auto simp: "Commutativity of &" "cqt-further:7")
4399  also AOT_have   x (¬[F]x & [F]x)
4400    by (AOT_subst (¬[F]x & [F]x) ¬[F]x & [F]x for: x)
4401       (auto simp: "S5Basic:11" "oth-class-taut:3:a")
4402  also AOT_have   x (¬[F]x & [F]x)
4403    using "BF◇" "CBF◇" "≡I" by fast
4404  finally show ?thesis.
4405qed
4406
4407AOT_theorem "lem-cont-e:2": x ([F]x & ¬[F]x)  x ([F]-x & ¬[F]-x)
4408proof -
4409  AOT_have x ([F]x & ¬[F]x)  x (¬[F]x & [F]x)
4410    using "lem-cont-e:1".
4411  also AOT_have   x ([F]-x & ¬[F]-x)
4412    apply (AOT_subst ¬[F]-x [F]x for: x)
4413     apply (simp add: "thm-relation-negation:2")
4414    apply (AOT_subst [F]-x ¬[F]x for: x)
4415     apply (simp add: "thm-relation-negation:1")
4416    by (simp add: "oth-class-taut:3:a")
4417  finally show ?thesis.
4418qed
4419
4420AOT_theorem "thm-cont-e:1": x (E!x & ¬E!x)
4421proof (rule "CBF◇"[THEN "→E"])
4422  AOT_have x (E!x & ¬𝒜E!x) using "qml:4"[axiom_inst] "BF◇"[THEN "→E"] by blast
4423  then AOT_obtain a where (E!a & ¬𝒜E!a) using "∃E"[rotated] by blast
4424  AOT_hence θ: E!a & ¬𝒜E!a
4425    using "KBasic2:3"[THEN "→E"] by blast
4426  AOT_have ξ: E!a & 𝒜¬E!a
4427    by (AOT_subst  𝒜¬E!a ¬𝒜E!a)
4428       (auto simp: "logic-actual-nec:1"[axiom_inst] θ)
4429  AOT_have ζ: E!a & 𝒜¬E!a
4430    by (AOT_subst 𝒜¬E!a 𝒜¬E!a)
4431       (auto simp add: "Act-Sub:4" ξ)
4432  AOT_hence E!a & ¬E!a
4433    using "&E" "&I" "Act-Sub:3"[THEN "→E"] by blast
4434  AOT_hence (E!a & ¬E!a) using "S5Basic:11"[THEN "≡E"(2)] by simp
4435  AOT_thus x (E!x & ¬E!x) using "∃I"(2) by fast
4436qed
4437
4438AOT_theorem "thm-cont-e:2": x (¬E!x & E!x)
4439proof -
4440  AOT_have F (x ([F]x & ¬[F]x)  x (¬[F]x & [F]x))
4441    using "lem-cont-e:1" GEN by fast
4442  AOT_hence (x (E!x & ¬E!x)  x (¬E!x & E!x))
4443    using "∀E"(1) "cqt:2[concrete]"[axiom_inst] by blast
4444  thus ?thesis using "thm-cont-e:1" "≡E" by blast
4445qed
4446
4447AOT_theorem "thm-cont-e:3": x E!x
4448proof (rule "CBF◇"[THEN "→E"])
4449  AOT_obtain a where (E!a & ¬E!a)
4450    using "∃E"[rotated, OF "thm-cont-e:1"[THEN "BF◇"[THEN "→E"]]] by blast
4451  AOT_hence E!a
4452    using "KBasic2:3"[THEN "→E", THEN "&E"(1)] by blast
4453  AOT_thus x E!x using "∃I" by fast
4454qed
4455
4456AOT_theorem "thm-cont-e:4": x ¬E!x
4457proof (rule "CBF◇"[THEN "→E"])
4458  AOT_obtain a where (E!a & ¬E!a)
4459    using "∃E"[rotated, OF "thm-cont-e:1"[THEN "BF◇"[THEN "→E"]]] by blast
4460  AOT_hence ¬E!a
4461    using "KBasic2:3"[THEN "→E", THEN "&E"(2)] by blast
4462  AOT_hence ¬E!a
4463    using "4◇"[THEN "→E"] by blast
4464  AOT_thus x ¬E!x using "∃I" by fast
4465qed
4466
4467AOT_theorem "thm-cont-e:5": Contingent([E!])
4468proof -
4469  AOT_have F (Contingent([F])  x [F]x & x ¬[F]x)
4470    using "thm-cont-prop:2" GEN by fast
4471  AOT_hence Contingent([E!])  x E!x & x ¬E!x
4472    using "∀E"(1) "cqt:2[concrete]"[axiom_inst] by blast
4473  thus ?thesis
4474    using "thm-cont-e:3" "thm-cont-e:4" "≡E"(2) "&I" by blast
4475qed
4476
4477AOT_theorem "thm-cont-e:6": Contingent([E!]-)
4478proof -
4479  AOT_have F (Contingent([«F::<κ>»])  Contingent([F]-))
4480    using "thm-cont-prop:3" GEN by fast
4481  AOT_hence Contingent([E!])  Contingent([E!]-)
4482    using "∀E" "cqt:2[concrete]"[axiom_inst] by fast
4483  thus ?thesis using "thm-cont-e:5" "≡E" by blast
4484qed
4485
4486AOT_theorem "thm-cont-e:7": FG (Contingent([«F::<κ>»]) & Contingent([G]) & F  G)
4487proof (rule "∃I")+
4488  AOT_have F [«F::<κ>»]  [F]- using "thm-relation-negation:5" GEN by fast
4489  AOT_hence [E!]  [E!]-
4490    using "∀E" "cqt:2[concrete]"[axiom_inst] by fast
4491  AOT_thus Contingent([E!]) & Contingent([E!]-) & [E!]  [E!]-
4492    using "thm-cont-e:5" "thm-cont-e:6" "&I" by metis
4493next
4494  AOT_show E!-
4495    by (fact AOT)
4496next
4497  AOT_show E! by (fact "cqt:2[concrete]"[axiom_inst])
4498qed
4499
4500AOT_theorem "property-facts:1": NonContingent([F])  ¬G (Contingent([G]) & G = F)
4501proof (rule "→I"; rule "raa-cor:2")
4502  AOT_assume NonContingent([F])
4503  AOT_hence 1: Necessary([F])  Impossible([F])
4504    using "contingent-properties:3"[THEN "≡dfE"] by blast
4505  AOT_assume G (Contingent([G]) & G = F)
4506  then AOT_obtain G where Contingent([G]) & G = F using "∃E"[rotated] by blast
4507  AOT_hence Contingent([F]) using "rule=E" "&E" by blast
4508  AOT_hence ¬(Necessary([F])  Impossible([F]))
4509    using "contingent-properties:4"[THEN "≡Df", THEN "≡S"(1), OF "cqt:2[const_var]"[axiom_inst], THEN "≡E"(1)] by blast
4510  AOT_thus (Necessary([F])  Impossible([F])) & ¬(Necessary([F])  Impossible([F]))
4511    using 1 "&I" by blast
4512qed
4513
4514AOT_theorem "property-facts:2": Contingent([F])  ¬G (NonContingent([G]) & G = F)
4515proof (rule "→I"; rule "raa-cor:2")
4516  AOT_assume Contingent([F])
4517  AOT_hence 1: ¬(Necessary([F])  Impossible([F]))
4518    using "contingent-properties:4"[THEN "≡Df", THEN "≡S"(1), OF "cqt:2[const_var]"[axiom_inst], THEN "≡E"(1)] by blast
4519  AOT_assume G (NonContingent([G]) & G = F)
4520  then AOT_obtain G where NonContingent([G]) & G = F using "∃E"[rotated] by blast
4521  AOT_hence NonContingent([F]) using "rule=E" "&E" by blast
4522  AOT_hence Necessary([F])  Impossible([F])
4523    using "contingent-properties:3"[THEN "≡dfE"] by blast
4524  AOT_thus (Necessary([F])  Impossible([F])) & ¬(Necessary([F])  Impossible([F]))
4525    using 1 "&I" by blast
4526qed
4527
4528AOT_theorem "property-facts:3": L  [L]- & L  E! & L  E!- & [L]-  [E!]- & E!  [E!]-
4529proof -
4530  AOT_have noneqI: Π  Π' if φ{Π} and ¬φ{Π'} for φ and Π Π' :: <κ>
4531    apply (rule "=-infix"[THEN "≡dfI"]; rule "raa-cor:2")
4532    using "rule=E"[where φ=φ and τ=Π and σ = Π'] that "&I" by blast
4533  AOT_have contingent_denotes: Π if Contingent([Π]) for Π :: <κ>
4534    using that "contingent-properties:4"[THEN "≡dfE", THEN "&E"(1)] by blast
4535  AOT_have not_noncontingent_if_contingent: ¬NonContingent([Π]) if Contingent([Π]) for Π :: <κ>
4536  proof(rule RAA(2))
4537    AOT_show ¬(Necessary([Π])  Impossible([Π]))
4538      using that "contingent-properties:4"[THEN "≡Df", THEN "≡S"(1), OF contingent_denotes[OF that], THEN "≡E"(1)] by blast
4539  next
4540    AOT_assume NonContingent([Π])
4541    AOT_thus Necessary([Π])  Impossible([Π])
4542      using "contingent-properties:3"[THEN "≡dfE"] by blast
4543  qed
4544
4545  show ?thesis
4546  proof (safe intro!: "&I")
4547    AOT_show L  [L]-
4548      apply (rule "=dfI"(2)[OF L_def])
4549       apply "cqt:2[lambda]"
4550      apply (rule "∀E"(1)[where φ="λ Π . «Π  [Π]-»"])
4551       apply (rule GEN) apply (fact AOT)
4552      by "cqt:2[lambda]"
4553  next
4554    AOT_show L  E!
4555      apply (rule noneqI)
4556      using "thm-noncont-e-e:3" not_noncontingent_if_contingent[OF "thm-cont-e:5"]
4557      by auto
4558  next
4559    AOT_show L  E!-
4560      apply (rule noneqI)
4561      using "thm-noncont-e-e:3" apply fast
4562      apply (rule not_noncontingent_if_contingent)
4563      apply (rule "∀E"(1)[where φ="λ Π . «Contingent([Π])  Contingent([Π]-)»", rotated, OF contingent_denotes, THEN "≡E"(1), rotated])
4564      using "thm-cont-prop:3" GEN apply fast
4565      using "thm-cont-e:5" by fast+
4566  next
4567    AOT_show [L]-  E!-
4568      apply (rule noneqI)
4569      using "thm-noncont-e-e:4" apply fast
4570      apply (rule not_noncontingent_if_contingent)
4571      apply (rule "∀E"(1)[where φ="λ Π . «Contingent([Π])  Contingent([Π]-)»", rotated, OF contingent_denotes, THEN "≡E"(1), rotated])
4572      using "thm-cont-prop:3" GEN apply fast
4573      using "thm-cont-e:5" by fast+
4574  next
4575    AOT_show E!  E!-
4576      apply (rule "=dfI"(2)[OF L_def])
4577       apply "cqt:2[lambda]"
4578      apply (rule "∀E"(1)[where φ="λ Π . «Π  [Π]-»"])
4579       apply (rule GEN) apply (fact AOT)
4580      by (fact "cqt:2[concrete]"[axiom_inst])
4581  qed
4582qed
4583
4584AOT_theorem "thm-cont-propos:1": NonContingent0(p)  NonContingent0(((p)-))
4585proof(rule "≡I"; rule "→I")
4586  AOT_assume NonContingent0(p)
4587  AOT_hence Necessary0(p)  Impossible0(p)
4588    using "contingent-properties:3[zero]"[THEN "≡dfE"] by blast
4589  moreover {
4590    AOT_assume Necessary0(p)
4591    AOT_hence 1: p using "contingent-properties:1[zero]"[THEN "≡dfE"] by blast
4592    AOT_have ¬((p)-)
4593      by (AOT_subst ¬((p)-) p)
4594         (auto simp add: 1 "thm-relation-negation:4")
4595    AOT_hence Impossible0(((p)-))
4596      by (rule "contingent-properties:2[zero]"[THEN "≡dfI"])
4597  }
4598  moreover {
4599    AOT_assume Impossible0(p)
4600    AOT_hence 1: ¬p
4601      by (rule "contingent-properties:2[zero]"[THEN "≡dfE"])
4602    AOT_have ((p)-)
4603      by (AOT_subst ((p)-) ¬p) 
4604         (auto simp: 1 "thm-relation-negation:3")
4605    AOT_hence Necessary0(((p)-))
4606      by (rule "contingent-properties:1[zero]"[THEN "≡dfI"])
4607  }
4608  ultimately AOT_have Necessary0(((p)-))  Impossible0(((p)-))
4609    using "∨E"(1) "∨I" "→I" by metis
4610  AOT_thus NonContingent0(((p)-))
4611    using "contingent-properties:3[zero]"[THEN "≡dfI"] by blast
4612next
4613  AOT_assume NonContingent0(((p)-))
4614  AOT_hence Necessary0(((p)-))  Impossible0(((p)-))
4615    using "contingent-properties:3[zero]"[THEN "≡dfE"] by blast
4616  moreover {
4617    AOT_assume Impossible0(((p)-))
4618    AOT_hence 1: ¬((p)-)
4619      by (rule "contingent-properties:2[zero]"[THEN "≡dfE"])
4620    AOT_have p
4621      by (AOT_subst (reverse) p ¬((p)-))
4622         (auto simp: 1 "thm-relation-negation:4")
4623    AOT_hence Necessary0(p)
4624      using "contingent-properties:1[zero]"[THEN "≡dfI"] by blast
4625  }
4626  moreover {
4627    AOT_assume Necessary0(((p)-))
4628    AOT_hence 1: ((p)-)
4629      by (rule "contingent-properties:1[zero]"[THEN "≡dfE"])
4630    AOT_have ¬p
4631      by (AOT_subst (reverse) ¬p ((p)-))
4632         (auto simp: 1 "thm-relation-negation:3")
4633    AOT_hence Impossible0(p)
4634      by (rule "contingent-properties:2[zero]"[THEN "≡dfI"])
4635  }
4636  ultimately AOT_have Necessary0(p)  Impossible0(p)
4637    using "∨E"(1) "∨I" "→I" by metis
4638  AOT_thus NonContingent0(p)
4639    using "contingent-properties:3[zero]"[THEN "≡dfI"] by blast
4640qed
4641
4642AOT_theorem "thm-cont-propos:2": Contingent0(φ)  φ & ¬φ
4643proof -
4644  AOT_have Contingent0(φ)  ¬(Necessary0(φ)  Impossible0(φ))
4645    using "contingent-properties:4[zero]"[THEN "≡Df"] by simp
4646  also AOT_have   ¬Necessary0(φ) & ¬Impossible0(φ)
4647    by (fact AOT)
4648  also AOT_have   ¬Impossible0(φ) & ¬Necessary0(φ)
4649    by (fact AOT)
4650  also AOT_have   φ & ¬φ
4651    apply (AOT_subst φ ¬¬φ)
4652     apply (simp add: "conventions:5" "≡Df")
4653    apply (AOT_subst Impossible0(φ) ¬φ)
4654     apply (simp add: "contingent-properties:2[zero]" "≡Df")
4655    apply (AOT_subst (reverse) ¬φ ¬φ)
4656     apply (simp add: "KBasic:11")
4657    apply (AOT_subst Necessary0(φ) φ)
4658     apply (simp add: "contingent-properties:1[zero]" "≡Df")
4659    by (simp add: "oth-class-taut:3:a")
4660  finally show ?thesis.
4661qed
4662
4663AOT_theorem "thm-cont-propos:3": Contingent0(p)  Contingent0(((p)-))
4664proof -
4665  AOT_have Contingent0(p)  p & ¬p using "thm-cont-propos:2".
4666  also AOT_have   ¬p & p by (fact AOT)
4667  also AOT_have   ((p)-) & p
4668    by (AOT_subst ((p)-) ¬p)
4669       (auto simp: "thm-relation-negation:3" "oth-class-taut:3:a")
4670  also AOT_have   ((p)-) & ¬((p)-)
4671    by (AOT_subst ¬((p)-) p)
4672       (auto simp: "thm-relation-negation:4" "oth-class-taut:3:a")
4673  also AOT_have   Contingent0(((p)-))
4674    using "thm-cont-propos:2"[symmetric] by blast
4675  finally show ?thesis.
4676qed
4677
4678AOT_define noncontingent_prop :: ‹φ› ("p0")
4679  p0_def: "(p0) =df (x (E!x  E!x))"
4680
4681AOT_theorem "thm-noncont-propos:1":  Necessary0((p0))
4682proof(rule "contingent-properties:1[zero]"[THEN "≡dfI"])
4683  AOT_show (p0)
4684    apply (rule "=dfI"(2)[OF p0_def])
4685    using "log-prop-prop:2" apply simp
4686    using "if-p-then-p" RN GEN by fast
4687qed
4688
4689AOT_theorem "thm-noncont-propos:2": Impossible0(((p0)-))
4690proof(rule "contingent-properties:2[zero]"[THEN "≡dfI"])
4691  AOT_show ¬((p0)-)
4692    apply (AOT_subst ((p0)-) ¬p0)
4693    using "thm-relation-negation:3" GEN "∀E"(1)[rotated, OF "log-prop-prop:2"] apply fast
4694    apply (AOT_subst (reverse) ¬¬p0 p0)
4695     apply (simp add: "oth-class-taut:3:b")
4696    apply (rule "=dfI"(2)[OF p0_def])
4697    using "log-prop-prop:2" apply simp
4698    using "if-p-then-p" RN GEN by fast
4699qed
4700
4701AOT_theorem "thm-noncont-propos:3": NonContingent0((p0))
4702  apply(rule "contingent-properties:3[zero]"[THEN "≡dfI"])
4703  using "thm-noncont-propos:1" "∨I" by blast
4704
4705AOT_theorem "thm-noncont-propos:4": NonContingent0(((p0)-))
4706  apply(rule "contingent-properties:3[zero]"[THEN "≡dfI"])
4707  using "thm-noncont-propos:2" "∨I" by blast
4708
4709AOT_theorem "thm-noncont-propos:5": pq (NonContingent0((p)) & NonContingent0((q)) & p  q)
4710proof(rule "∃I")+
4711  AOT_have 0: φ  (φ)- for φ
4712    using "thm-relation-negation:6" "∀I" "∀E"(1)[rotated, OF "log-prop-prop:2"] by fast
4713  AOT_thus NonContingent0((p0)) & NonContingent0(((p0)-)) & (p0)  (p0)-
4714    using "thm-noncont-propos:3" "thm-noncont-propos:4" "&I" by auto
4715qed(auto simp: "log-prop-prop:2")
4716
4717AOT_act_theorem "no-cnac": ¬x(E!x & ¬𝒜E!x)
4718proof(rule "raa-cor:2")
4719  AOT_assume x(E!x & ¬𝒜E!x)
4720  then AOT_obtain a where a: E!a & ¬𝒜E!a
4721    using "∃E"[rotated] by blast
4722  AOT_hence 𝒜¬E!a using "&E" "logic-actual-nec:1"[axiom_inst, THEN "≡E"(2)] by blast
4723  AOT_hence ¬E!a using "logic-actual"[act_axiom_inst, THEN "→E"] by blast
4724  AOT_hence E!a & ¬E!a using a "&E" "&I" by blast
4725  AOT_thus p & ¬p for p using "raa-cor:1" by blast
4726qed
4727
4728AOT_theorem "pos-not-pna:1": ¬𝒜x (E!x & ¬𝒜E!x)
4729proof(rule "raa-cor:2")
4730  AOT_assume 𝒜x (E!x & ¬𝒜E!x)
4731  AOT_hence x 𝒜(E!x & ¬𝒜E!x)
4732    using "Act-Basic:10"[THEN "≡E"(1)] by blast
4733  then AOT_obtain a where 𝒜(E!a & ¬𝒜E!a) using "∃E"[rotated] by blast
4734  AOT_hence 1: 𝒜E!a & 𝒜¬𝒜E!a using "Act-Basic:2"[THEN "≡E"(1)] by blast
4735  AOT_hence ¬𝒜𝒜E!a using "&E"(2) "logic-actual-nec:1"[axiom_inst, THEN "≡E"(1)] by blast
4736  AOT_hence ¬𝒜E!a using "logic-actual-nec:4"[axiom_inst, THEN "≡E"(1)] RAA by blast
4737  AOT_thus p & ¬p for p using 1[THEN "&E"(1)] "&I" "raa-cor:1" by blast
4738qed
4739
4740AOT_theorem "pos-not-pna:2": ¬x(E!x & ¬𝒜E!x)
4741proof (rule RAA(1))
4742  AOT_show ¬𝒜x (E!x & ¬𝒜E!x) using "pos-not-pna:1" by blast
4743next
4744  AOT_assume ¬¬x (E!x & ¬𝒜E!x)
4745  AOT_hence x (E!x & ¬𝒜E!x)
4746    using "KBasic:12"[THEN "≡E"(2)] by blast
4747  AOT_thus 𝒜x (E!x & ¬𝒜E!x)
4748    using "nec-imp-act"[THEN "→E"] by blast
4749qed
4750
4751AOT_theorem "pos-not-pna:3": x (E!x & ¬𝒜E!x)
4752proof -
4753  AOT_obtain a where (E!a & ¬𝒜E!a)
4754    using "qml:4"[axiom_inst] "BF◇"[THEN "→E"] "∃E"[rotated] by blast
4755  AOT_hence θ: E!a and ξ: ¬𝒜E!a using "KBasic2:3"[THEN "→E"] "&E" by blast+
4756  AOT_have ¬𝒜E!a using ξ "KBasic:11"[THEN "≡E"(2)] by blast
4757  AOT_hence ¬𝒜E!a using "Act-Basic:6"[THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(2)] by blast
4758  AOT_hence E!a & ¬𝒜E!a using θ "&I" by blast
4759  thus ?thesis using "∃I" by fast
4760qed
4761
4762AOT_define contingent_prop :: φ ("q0")
4763  q0_def: (q0) =df (x (E!x & ¬𝒜E!x))
4764
4765AOT_theorem q0_prop: q0 & ¬q0
4766  apply (rule "=dfI"(2)[OF q0_def])
4767  apply (fact "log-prop-prop:2")
4768  apply (rule "&I")
4769   apply (fact "qml:4"[axiom_inst])
4770  by (fact "pos-not-pna:2")
4771
4772AOT_theorem "basic-prop:1": Contingent0((q0))
4773proof(rule "contingent-properties:4[zero]"[THEN "≡dfI"])
4774  AOT_have ¬Necessary0((q0)) & ¬Impossible0((q0))
4775  proof (rule "&I"; rule "=dfI"(2)[OF q0_def]; (rule "log-prop-prop:2" | rule "raa-cor:2"))
4776    AOT_assume Necessary0(x (E!x & ¬𝒜E!x))
4777    AOT_hence x (E!x & ¬𝒜E!x)
4778      using "contingent-properties:1[zero]"[THEN "≡dfE"] by blast
4779    AOT_hence 𝒜x (E!x & ¬𝒜E!x)
4780      using "Act-Basic:8"[THEN "→E"] "qml:2"[axiom_inst, THEN "→E"] by blast
4781    AOT_thus 𝒜x (E!x & ¬𝒜E!x) & ¬𝒜x (E!x & ¬𝒜E!x)
4782      using "pos-not-pna:1" "&I" by blast
4783  next
4784    AOT_assume Impossible0(x (E!x & ¬𝒜E!x))
4785    AOT_hence ¬(x (E!x & ¬𝒜E!x))
4786      using "contingent-properties:2[zero]"[THEN "≡dfE"] by blast
4787    AOT_hence ¬(x (E!x & ¬𝒜E!x)) using "KBasic2:1"[THEN "≡E"(1)] by blast
4788    AOT_thus (x (E!x & ¬𝒜E!x)) & ¬(x (E!x & ¬𝒜E!x))
4789      using "qml:4"[axiom_inst] "&I" by blast
4790  qed
4791  AOT_thus ¬(Necessary0((q0))  Impossible0((q0)))
4792    using "oth-class-taut:5:d" "≡E"(2) by blast
4793qed
4794
4795AOT_theorem "basic-prop:2": p Contingent0((p))
4796  using "∃I"(1)[rotated, OF "log-prop-prop:2"] "basic-prop:1" by blast
4797
4798AOT_theorem "basic-prop:3": Contingent0(((q0)-))
4799  apply (AOT_subst ((q0)-) ¬q0)
4800   apply (insert "thm-relation-negation:3" "∀I" "∀E"(1)[rotated, OF "log-prop-prop:2"]; fast)
4801  apply (rule "contingent-properties:4[zero]"[THEN "≡dfI"])
4802  apply (rule "oth-class-taut:5:d"[THEN "≡E"(2)])
4803  apply (rule "&I")
4804   apply (rule "contingent-properties:1[zero]"[THEN "df-rules-formulas[3]", THEN "useful-tautologies:5"[THEN "→E"], THEN "→E"])
4805   apply (rule "conventions:5"[THEN "≡dfE"])
4806   apply (rule "=dfE"(2)[OF q0_def])
4807    apply (rule "log-prop-prop:2")
4808   apply (rule q0_prop[THEN "&E"(1)])
4809  apply (rule "contingent-properties:2[zero]"[THEN "df-rules-formulas[3]", THEN "useful-tautologies:5"[THEN "→E"], THEN "→E"])
4810  apply (rule "conventions:5"[THEN "≡dfE"])
4811  by (rule q0_prop[THEN "&E"(2)])
4812
4813AOT_theorem "basic-prop:4": pq (p  q & Contingent0(p) & Contingent0(q))
4814proof(rule "∃I")+
4815  AOT_have 0: φ  (φ)- for φ
4816    using "thm-relation-negation:6" "∀I" "∀E"(1)[rotated, OF "log-prop-prop:2"] by fast
4817  AOT_show (q0)  (q0)- & Contingent0(q0) & Contingent0(((q0)-))
4818    using "basic-prop:1" "basic-prop:3" "&I" 0 by presburger
4819qed(auto simp: "log-prop-prop:2")
4820
4821AOT_theorem "proposition-facts:1": NonContingent0(p)  ¬q (Contingent0(q) & q = p)
4822proof(rule "→I"; rule "raa-cor:2")
4823  AOT_assume NonContingent0(p)
4824  AOT_hence 1: Necessary0(p)  Impossible0(p)
4825    using "contingent-properties:3[zero]"[THEN "≡dfE"] by blast
4826  AOT_assume q (Contingent0(q) & q = p)
4827  then AOT_obtain q where Contingent0(q) & q = p using "∃E"[rotated] by blast
4828  AOT_hence Contingent0(p) using "rule=E" "&E" by fast
4829  AOT_thus (Necessary0(p)  Impossible0(p)) & ¬(Necessary0(p)  Impossible0(p))
4830    using "contingent-properties:4[zero]"[THEN "≡dfE"] 1 "&I" by blast
4831qed
4832
4833AOT_theorem "proposition-facts:2": Contingent0(p)  ¬q (NonContingent0(q) & q = p)
4834proof(rule "→I"; rule "raa-cor:2")
4835  AOT_assume Contingent0(p)
4836  AOT_hence 1: ¬(Necessary0(p)  Impossible0(p))
4837    using "contingent-properties:4[zero]"[THEN "≡dfE"] by blast
4838  AOT_assume q (NonContingent0(q) & q = p)
4839  then AOT_obtain q where NonContingent0(q) & q = p using "∃E"[rotated] by blast
4840  AOT_hence NonContingent0(p) using "rule=E" "&E" by fast
4841  AOT_thus (Necessary0(p)  Impossible0(p)) & ¬(Necessary0(p)  Impossible0(p))
4842    using "contingent-properties:3[zero]"[THEN "≡dfE"] 1 "&I" by blast
4843qed
4844
4845AOT_theorem "proposition-facts:3": (p0)  (p0)- & (p0)  (q0) & (p0)  (q0)- & (p0)-  (q0)- & (q0)  (q0)-
4846proof -
4847  {
4848    fix χ φ ψ
4849    AOT_assume χ{φ}
4850    moreover AOT_assume ¬χ{ψ}
4851    ultimately AOT_have ¬(χ{φ}  χ{ψ})
4852      using RAA "≡E" by metis
4853    moreover {
4854      AOT_have pq ((¬(χ{p}  χ{q}))  p  q)
4855        by (rule "∀I"; rule "∀I"; rule "pos-not-equiv-ne:4[zero]")
4856      AOT_hence ((¬(χ{φ}  χ{ψ}))  φ  ψ)
4857        using "∀E" "log-prop-prop:2" by blast
4858    }
4859    ultimately AOT_have φ  ψ
4860      using "→E" by blast
4861  } note 0 = this
4862  AOT_have contingent_neg: Contingent0(φ)  Contingent0(((φ)-)) for φ
4863    using "thm-cont-propos:3" "∀I" "∀E"(1)[rotated, OF "log-prop-prop:2"] by fast
4864  AOT_have not_noncontingent_if_contingent: ¬NonContingent0(φ) if Contingent0(φ) for φ
4865    apply (rule "contingent-properties:3[zero]"[THEN "≡Df", THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(2)])
4866    using that "contingent-properties:4[zero]"[THEN "≡dfE"] by blast
4867  show ?thesis
4868    apply (rule "&I")+
4869    using "thm-relation-negation:6" "∀I" "∀E"(1)[rotated, OF "log-prop-prop:2"] apply fast
4870       apply (rule 0)
4871    using "thm-noncont-propos:3" apply fast
4872       apply (rule not_noncontingent_if_contingent)
4873       apply (fact AOT)
4874      apply (rule 0)
4875    apply (rule "thm-noncont-propos:3")
4876      apply (rule not_noncontingent_if_contingent)
4877      apply (rule contingent_neg[THEN "≡E"(1)])
4878      apply (fact AOT)
4879     apply (rule 0)
4880    apply (rule "thm-noncont-propos:4")
4881      apply (rule not_noncontingent_if_contingent)
4882      apply (rule contingent_neg[THEN "≡E"(1)])
4883     apply (fact AOT)
4884    using "thm-relation-negation:6" "∀I" "∀E"(1)[rotated, OF "log-prop-prop:2"] by fast
4885qed
4886
4887AOT_define ContingentlyTrue :: ‹φ  φ› ("ContingentlyTrue'(_')")
4888  "cont-tf:1": ContingentlyTrue(p) df p & ¬p
4889
4890AOT_define ContingentlyFalse :: ‹φ  φ› ("ContingentlyFalse'(_')")
4891  "cont-tf:2": ContingentlyFalse(p) df ¬p & p
4892
4893AOT_theorem "cont-true-cont:1": ContingentlyTrue((p))  Contingent0((p))
4894proof(rule "→I")
4895  AOT_assume ContingentlyTrue((p))
4896  AOT_hence 1: p and 2: ¬p using "cont-tf:1"[THEN "≡dfE"] "&E" by blast+
4897  AOT_have ¬Necessary0((p))
4898    apply (rule "contingent-properties:1[zero]"[THEN "≡Df", THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(2)])
4899    using 2 "KBasic:11"[THEN "≡E"(2)] by blast
4900  moreover AOT_have ¬Impossible0((p))
4901    apply (rule "contingent-properties:2[zero]"[THEN "≡Df", THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(2)])
4902    apply (rule "conventions:5"[THEN "≡dfE"])
4903    using "T◇"[THEN "→E", OF 1].
4904  ultimately AOT_have ¬(Necessary0((p))  Impossible0((p)))
4905    using DeMorgan(2)[THEN "≡E"(2)] "&I" by blast
4906  AOT_thus Contingent0((p))
4907    using "contingent-properties:4[zero]"[THEN "≡dfI"] by blast
4908qed
4909
4910AOT_theorem "cont-true-cont:2": ContingentlyFalse((p))  Contingent0((p))
4911proof(rule "→I")
4912  AOT_assume ContingentlyFalse((p))
4913  AOT_hence 1: ¬p and 2: p using "cont-tf:2"[THEN "≡dfE"] "&E" by blast+
4914  AOT_have ¬Necessary0((p))
4915    apply (rule "contingent-properties:1[zero]"[THEN "≡Df", THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(2)])
4916    using "KBasic:11"[THEN "≡E"(2)] "T◇"[THEN "→E", OF 1] by blast
4917  moreover AOT_have ¬Impossible0((p))
4918    apply (rule "contingent-properties:2[zero]"[THEN "≡Df", THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(2)])
4919    apply (rule "conventions:5"[THEN "≡dfE"])
4920    using 2.
4921  ultimately AOT_have ¬(Necessary0((p))  Impossible0((p)))
4922    using DeMorgan(2)[THEN "≡E"(2)] "&I" by blast
4923  AOT_thus Contingent0((p))
4924    using "contingent-properties:4[zero]"[THEN "≡dfI"] by blast
4925qed
4926
4927AOT_theorem "cont-true-cont:3": ContingentlyTrue((p))  ContingentlyFalse(((p)-))
4928proof(rule "≡I"; rule "→I")
4929  AOT_assume ContingentlyTrue((p))
4930  AOT_hence 0: p & ¬p using "cont-tf:1"[THEN "≡dfE"] by blast
4931  AOT_have 1: ContingentlyFalse(¬p)
4932    apply (rule "cont-tf:2"[THEN "≡dfI"])
4933    apply (AOT_subst (reverse) ¬¬p p)
4934    by (auto simp: "oth-class-taut:3:b" 0)
4935  AOT_show ContingentlyFalse(((p)-))
4936    apply (AOT_subst ((p)-) ¬p)
4937    by (auto simp: "thm-relation-negation:3" 1)
4938next
4939  AOT_assume 1: ContingentlyFalse(((p)-))
4940  AOT_have ContingentlyFalse(¬p)
4941    by (AOT_subst (reverse) ¬p ((p)-))
4942       (auto simp: "thm-relation-negation:3" 1)
4943  AOT_hence ¬¬p & ¬p using "cont-tf:2"[THEN "≡dfE"] by blast
4944  AOT_hence p & ¬p
4945    using "&I" "&E" "useful-tautologies:1"[THEN "→E"] by metis
4946  AOT_thus ContingentlyTrue((p))
4947    using "cont-tf:1"[THEN "≡dfI"] by blast
4948qed
4949
4950AOT_theorem "cont-true-cont:4": ContingentlyFalse((p))  ContingentlyTrue(((p)-))
4951proof(rule "≡I"; rule "→I")
4952  AOT_assume ContingentlyFalse(p)
4953  AOT_hence 0: ¬p & p
4954    using "cont-tf:2"[THEN "≡dfE"] by blast
4955  AOT_have ¬p & ¬¬p
4956    by (AOT_subst (reverse) ¬¬p p)
4957       (auto simp: "oth-class-taut:3:b" 0)
4958  AOT_hence 1: ContingentlyTrue(¬p)
4959    by (rule "cont-tf:1"[THEN "≡dfI"])
4960  AOT_show ContingentlyTrue(((p)-))
4961    by (AOT_subst ((p)-) ¬p)
4962       (auto simp: "thm-relation-negation:3" 1)
4963next
4964  AOT_assume 1: ContingentlyTrue(((p)-))
4965  AOT_have ContingentlyTrue(¬p)
4966    by (AOT_subst (reverse) ¬p ((p)-))
4967       (auto simp add: "thm-relation-negation:3" 1)
4968  AOT_hence 2: ¬p & ¬¬p using "cont-tf:1"[THEN "≡dfE"] by blast
4969  AOT_have p
4970    by (AOT_subst p ¬¬p)
4971       (auto simp add: "oth-class-taut:3:b" 2[THEN "&E"(2)])
4972  AOT_hence ¬p & p using 2[THEN "&E"(1)] "&I" by blast
4973  AOT_thus ContingentlyFalse(p)
4974    by (rule "cont-tf:2"[THEN "≡dfI"])
4975qed
4976
4977AOT_theorem "cont-true-cont:5": (ContingentlyTrue((p)) & Necessary0((q)))  p  q
4978proof (rule "→I"; frule "&E"(1); drule "&E"(2); rule "raa-cor:1")
4979  AOT_assume ContingentlyTrue((p))
4980  AOT_hence ¬p
4981    using "cont-tf:1"[THEN "≡dfE"] "&E" by blast
4982  AOT_hence 0: ¬p using "KBasic:11"[THEN "≡E"(2)] by blast
4983  AOT_assume Necessary0((q))
4984  moreover AOT_assume ¬(p  q)
4985  AOT_hence p = q
4986    using "=-infix"[THEN "≡Df", THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(1)]
4987          "useful-tautologies:1"[THEN "→E"] by blast
4988  ultimately AOT_have Necessary0((p)) using "rule=E" id_sym by blast
4989  AOT_hence p
4990    using "contingent-properties:1[zero]"[THEN "≡dfE"] by blast
4991  AOT_thus p & ¬p using 0 "&I" by blast
4992qed
4993
4994AOT_theorem "cont-true-cont:6": (ContingentlyFalse((p)) & Impossible0((q)))  p  q
4995proof (rule "→I"; frule "&E"(1); drule "&E"(2); rule "raa-cor:1")
4996  AOT_assume ContingentlyFalse((p))
4997  AOT_hence p
4998    using "cont-tf:2"[THEN "≡dfE"] "&E" by blast
4999  AOT_hence 1: ¬¬p
5000    using "conventions:5"[THEN "≡dfE"] by blast
5001  AOT_assume Impossible0((q))
5002  moreover AOT_assume ¬(p  q)
5003  AOT_hence p = q
5004    using "=-infix"[THEN "≡Df", THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(1)]
5005          "useful-tautologies:1"[THEN "→E"] by blast
5006  ultimately AOT_have Impossible0((p)) using "rule=E" id_sym by blast
5007  AOT_hence ¬p
5008    using "contingent-properties:2[zero]"[THEN "≡dfE"] by blast
5009  AOT_thus ¬p & ¬¬p using 1 "&I" by blast
5010qed
5011
5012AOT_act_theorem "q0cf:1": ContingentlyFalse(q0)
5013  apply (rule "cont-tf:2"[THEN "≡dfI"])
5014  apply (rule "=dfI"(2)[OF q0_def])
5015   apply (fact "log-prop-prop:2")
5016  apply (rule "&I")
5017   apply (fact "no-cnac")
5018  by (fact "qml:4"[axiom_inst])
5019
5020AOT_act_theorem "q0cf:2": ContingentlyTrue(((q0)-))
5021  apply (rule "cont-tf:1"[THEN "≡dfI"])
5022  apply (rule "=dfI"(2)[OF q0_def])
5023   apply (fact "log-prop-prop:2")
5024  apply (rule "&I")
5025     apply (rule "thm-relation-negation:3"[unvarify p, OF "log-prop-prop:2", THEN "≡E"(2)])
5026     apply (fact "no-cnac")
5027    apply (rule "rule=E"[rotated, OF "thm-relation-negation:7"[unvarify p, OF "log-prop-prop:2", THEN id_sym]])
5028  apply (AOT_subst (reverse) ¬¬(x  (E!x & ¬𝒜E!x)) x (E!x & ¬𝒜E!x))
5029  by (auto simp: "oth-class-taut:3:b" "qml:4"[axiom_inst])
5030
5031(* TODO: q0cf-rem skipped for now *)
5032
5033AOT_theorem "cont-tf-thm:1": p ContingentlyTrue((p))
5034proof(rule "∨E"(1)[OF "exc-mid"]; rule "→I"; rule "∃I")
5035  AOT_assume q0
5036  AOT_hence q0 & ¬q0 using q0_prop[THEN "&E"(2)] "&I" by blast
5037  AOT_thus ContingentlyTrue(q0)
5038    by (rule "cont-tf:1"[THEN "≡dfI"])
5039next
5040  AOT_assume ¬q0
5041  AOT_hence ¬q0 & q0 using q0_prop[THEN "&E"(1)] "&I" by blast
5042  AOT_hence ContingentlyFalse(q0)
5043    by (rule "cont-tf:2"[THEN "≡dfI"])
5044  AOT_thus ContingentlyTrue(((q0)-))
5045    by (rule "cont-true-cont:4"[unvarify p, OF "log-prop-prop:2", THEN "≡E"(1)])
5046qed(auto simp: "log-prop-prop:2")
5047
5048
5049AOT_theorem "cont-tf-thm:2": p ContingentlyFalse((p))
5050proof(rule "∨E"(1)[OF "exc-mid"]; rule "→I"; rule "∃I")
5051  AOT_assume q0
5052  AOT_hence q0 & ¬q0 using q0_prop[THEN "&E"(2)] "&I" by blast
5053  AOT_hence ContingentlyTrue(q0)
5054    by (rule "cont-tf:1"[THEN "≡dfI"])
5055  AOT_thus ContingentlyFalse(((q0)-))
5056    by (rule "cont-true-cont:3"[unvarify p, OF "log-prop-prop:2", THEN "≡E"(1)])
5057next
5058  AOT_assume ¬q0
5059  AOT_hence ¬q0 & q0 using q0_prop[THEN "&E"(1)] "&I" by blast
5060  AOT_thus ContingentlyFalse(q0)
5061    by (rule "cont-tf:2"[THEN "≡dfI"])
5062qed(auto simp: "log-prop-prop:2")
5063
5064(* TODO: inspect modally strict subproof involving obtained variable *)
5065AOT_theorem "property-facts1:1": Fx ([F]x & ¬[F]x)
5066proof -
5067  fix x
5068  AOT_obtain p1 where ContingentlyTrue((p1))
5069    using "cont-tf-thm:1" "∃E"[rotated] by blast
5070  AOT_hence 1: p1 & ¬p1 using "cont-tf:1"[THEN "≡dfE"] by blast
5071  AOT_modally_strict {
5072    AOT_have for arbitrary p:  (z p]x  p)
5073      by (rule "beta-C-cor:3"[THEN "∀E"(2)]) cqt_2_lambda_inst_prover
5074    AOT_hence for arbitrary p:   (z p]x  p)
5075      by (rule RN)
5076    AOT_hence p (z p]x  p) using GEN by fast
5077    AOT_hence (z p1]x  p1) using "∀E" by fast
5078  } note 2 = this
5079  AOT_hence (z p1]x  p1) using "∀E" by blast
5080  AOT_hence z p1]x using 1[THEN "&E"(1)] "qml:2"[axiom_inst, THEN "→E"] "≡E"(2) by blast
5081  moreover AOT_have ¬z p1]x
5082    using 2[THEN "qml:2"[axiom_inst, THEN "→E"]]
5083    apply (AOT_subst z p1]x p1)
5084    using 1[THEN "&E"(2)] by blast
5085  ultimately AOT_have z p1]x & ¬z p1]x using "&I" by blast
5086  AOT_hence x (z p1]x & ¬z p1]x) using "∃I"(2) by fast
5087  moreover AOT_have z p1] by "cqt:2[lambda]"
5088  ultimately AOT_show Fx ([F]x & ¬[F]x) by (rule "∃I"(1))
5089qed
5090
5091(* TODO: inspect modally strict subproof involving obtained variable *)
5092AOT_theorem "property-facts1:2": Fx (¬[F]x & [F]x)
5093proof -
5094  fix x
5095  AOT_obtain p1 where ContingentlyFalse((p1))
5096    using "cont-tf-thm:2" "∃E"[rotated] by blast
5097  AOT_hence 1: ¬p1 & p1 using "cont-tf:2"[THEN "≡dfE"] by blast
5098  AOT_modally_strict {
5099    AOT_have for arbitrary p:  (z p]x  p)
5100      by (rule "beta-C-cor:3"[THEN "∀E"(2)]) cqt_2_lambda_inst_prover
5101    AOT_hence for arbitrary p:  (¬z p]x  ¬p)
5102      using "oth-class-taut:4:b" "≡E" by blast
5103    AOT_hence for arbitrary p:  (¬z p]x  ¬p)
5104      by (rule RN)
5105    AOT_hence p (¬z p]x  ¬p) using GEN by fast
5106    AOT_hence (¬z p1]x  ¬p1) using "∀E" by fast
5107  } note 2 = this
5108  AOT_hence (¬z p1]x  ¬p1) using "∀E" by blast
5109  AOT_hence 3: ¬z p1]x using 1[THEN "&E"(1)] "qml:2"[axiom_inst, THEN "→E"] "≡E"(2) by blast
5110  AOT_modally_strict {
5111    AOT_have for arbitrary p:  (z p]x  p)
5112      by (rule "beta-C-cor:3"[THEN "∀E"(2)]) cqt_2_lambda_inst_prover
5113    AOT_hence for arbitrary p:  (z p]x  p)
5114      by (rule RN)
5115    AOT_hence p (z p]x  p) using GEN by fast
5116    AOT_hence (z p1]x  p1) using "∀E" by fast
5117  } note 4 = this
5118  AOT_have z p1]x
5119    using 4[THEN "qml:2"[axiom_inst, THEN "→E"]]
5120    apply (AOT_subst z p1]x p1)
5121    using 1[THEN "&E"(2)] by blast
5122  AOT_hence ¬z p1]x & z p1]x using 3 "&I" by blast
5123  AOT_hence x (¬z p1]x & z p1]x) using "∃I"(2) by fast
5124  moreover AOT_have z p1] by "cqt:2[lambda]"
5125  ultimately AOT_show Fx (¬[F]x & [F]x) by (rule "∃I"(1))
5126qed
5127
5128context
5129begin
5130
5131private AOT_lemma eqnotnec_123_Aux_ζ: [L]x  (E!x  E!x)
5132    apply (rule "=dfI"(2)[OF L_def])
5133     apply "cqt:2[lambda]"
5134    apply (rule "beta-C-meta"[THEN "→E"])
5135  by "cqt:2[lambda]"
5136
5137private AOT_lemma eqnotnec_123_Aux_ω: z φ]x  φ
5138    by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5139
5140private AOT_lemma eqnotnec_123_Aux_θ: φ  x([L]x  z φ]x)
5141proof(rule "≡I"; rule "→I"; (rule "∀I")?)
5142  fix x
5143  AOT_assume 1: φ
5144  AOT_have [L]x  (E!x  E!x) using eqnotnec_123_Aux_ζ.
5145  also AOT_have   φ
5146    using "if-p-then-p" 1 "≡I" "→I" by simp
5147  also AOT_have   z φ]x
5148    using "Commutativity of ≡"[THEN "≡E"(1)] eqnotnec_123_Aux_ω by blast
5149  finally AOT_show [L]x  z φ]x.
5150next
5151  fix x
5152  AOT_assume x([L]x  z φ]x)
5153  AOT_hence [L]x  z φ]x using "∀E" by blast
5154  also AOT_have   φ using eqnotnec_123_Aux_ω.
5155  finally AOT_have φ  [L]x using "Commutativity of ≡"[THEN "≡E"(1)] by blast
5156  also AOT_have   E!x  E!x using eqnotnec_123_Aux_ζ.
5157  finally AOT_show φ using "≡E" "if-p-then-p" by fast
5158qed
5159private lemmas eqnotnec_123_Aux_ξ =  eqnotnec_123_Aux_θ[THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
5160                      THEN "conventions:3"[THEN "≡Df", THEN "≡E"(1), THEN "&E"(1)],
5161                      THEN "RM◇"]
5162private lemmas eqnotnec_123_Aux_ξ' = eqnotnec_123_Aux_θ[THEN "conventions:3"[THEN "≡Df", THEN "≡E"(1), THEN "&E"(1)], THEN "RM◇"]
5163
5164AOT_theorem "eqnotnec:1": FG(x([F]x  [G]x) & ¬x([F]x  [G]x))
5165proof-
5166  AOT_obtain p1 where ContingentlyTrue(p1) using "cont-tf-thm:1" "∃E"[rotated] by blast
5167  AOT_hence p1 & ¬p1 using "cont-tf:1"[THEN "≡dfE"] by blast
5168  AOT_hence x ([L]x  z p1]x) & ¬x([L]x  z p1]x)
5169    apply - apply (rule "&I")
5170    using "&E" eqnotnec_123_Aux_θ[THEN "≡E"(1)] eqnotnec_123_Aux_ξ "→E" by fast+
5171  AOT_hence G (x([L]x  [G]x) & ¬x([L]x  [G]x))
5172    by (rule "∃I") "cqt:2[lambda]"
5173  AOT_thus FG (x([F]x  [G]x) & ¬x([F]x  [G]x))
5174    apply (rule "∃I")
5175    by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
5176qed
5177
5178AOT_theorem "eqnotnec:2": FG(¬x([F]x  [G]x) & x([F]x  [G]x))
5179proof-
5180  AOT_obtain p1 where ContingentlyFalse(p1) using "cont-tf-thm:2" "∃E"[rotated] by blast
5181  AOT_hence ¬p1 & p1 using "cont-tf:2"[THEN "≡dfE"] by blast
5182  AOT_hence ¬x ([L]x  z p1]x) & x([L]x  z p1]x)
5183    apply - apply (rule "&I")
5184    using "&E" eqnotnec_123_Aux_θ[THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(1)] eqnotnec_123_Aux_ξ' "→E" by fast+
5185  AOT_hence G (¬x([L]x  [G]x) & x([L]x  [G]x))
5186    by (rule "∃I") "cqt:2[lambda]"
5187  AOT_thus FG (¬x([F]x  [G]x) & x([F]x  [G]x))
5188    apply (rule "∃I")
5189    by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
5190qed
5191
5192AOT_theorem "eqnotnec:3": FG(𝒜¬x([F]x  [G]x) & x([F]x  [G]x))
5193proof-
5194  AOT_have ¬𝒜q0
5195    apply (rule "=dfI"(2)[OF q0_def])
5196     apply (fact "log-prop-prop:2")
5197    by (fact AOT)
5198  AOT_hence 𝒜¬q0
5199    using "logic-actual-nec:1"[axiom_inst, THEN "≡E"(2)] by blast
5200  AOT_hence 𝒜¬x ([L]x  z q0]x)
5201    using eqnotnec_123_Aux_θ[THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
5202            THEN "conventions:3"[THEN "≡Df", THEN "≡E"(1), THEN "&E"(1)],
5203            THEN "RA[2]", THEN "act-cond"[THEN "→E"], THEN "→E"] by blast
5204  moreover AOT_have x ([L]x  z q0]x) using eqnotnec_123_Aux_ξ'[THEN "→E"] q0_prop[THEN "&E"(1)] by blast
5205  ultimately AOT_have 𝒜¬x ([L]x  z q0]x) & x ([L]x  z q0]x) using "&I" by blast
5206  AOT_hence G (𝒜¬x([L]x  [G]x) & x([L]x  [G]x))
5207    by (rule "∃I") "cqt:2[lambda]"
5208  AOT_thus FG (𝒜¬x([F]x  [G]x) & x([F]x  [G]x))
5209    apply (rule "∃I")
5210    by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
5211qed
5212
5213end
5214
5215(* TODO[IMPORTANT]: proof of 219.4 ζ: appeal to (159.2) requires a theorem, but the result has local
5216   assumptions! *)
5217AOT_theorem "eqnotnec:4": FG(x([F]x  [G]x) & ¬x([F]x  [G]x))
5218proof(rule GEN)
5219  fix F
5220
5221  AOT_have Aux_A:  ψ  x([F]x  z [F]z & ψ]x) for ψ
5222  proof(rule "→I"; rule GEN)
5223    AOT_modally_strict {
5224    fix x
5225    AOT_assume 0: ψ
5226    AOT_have z [F]z & ψ]x  [F]x & ψ
5227      by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5228    also AOT_have ...  [F]x
5229      apply (rule "≡I"; rule "→I")
5230      using  "∨E"(3)[rotated, OF "useful-tautologies:2"[THEN "→E"], OF 0] "&E" apply blast
5231      using 0 "&I" by blast
5232    finally AOT_show [F]x  z [F]z & ψ]x
5233      using "Commutativity of ≡"[THEN "≡E"(1)] by blast
5234    }
5235  qed
5236
5237  AOT_have Aux_B:  ψ  x([F]x  z [F]z & ψ  ¬ψ]x) for ψ
5238  proof (rule "→I"; rule GEN)
5239    AOT_modally_strict {
5240      fix x
5241      AOT_assume 0: ψ
5242      AOT_have z ([F]z & ψ)  ¬ψ]x  (([F]x & ψ)  ¬ψ)
5243        by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5244      also AOT_have ...  [F]x
5245        apply (rule "≡I"; rule "→I")
5246        using  "∨E"(3)[rotated, OF "useful-tautologies:2"[THEN "→E"], OF 0] "&E" apply blast
5247        apply (rule "∨I"(1)) using 0 "&I" by blast
5248      finally AOT_show [F]x  z ([F]z & ψ)  ¬ψ]x
5249        using "Commutativity of ≡"[THEN "≡E"(1)] by blast
5250    }
5251  qed
5252
5253  AOT_have Aux_C:  ¬ψ  ¬z(z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z) for ψ
5254  proof(rule "RM◇"; rule "→I"; rule "raa-cor:2")
5255  AOT_modally_strict {
5256      AOT_assume 0: ¬ψ
5257      AOT_assume z (z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z)
5258      AOT_hence z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z using "∀E" by blast
5259      moreover AOT_have z [F]z & ψ]z  [F]z & ψ for z
5260          by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5261      moreover AOT_have z ([F]z & ψ)  ¬ψ]z  (([F]z & ψ)  ¬ψ) for z
5262        by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5263      ultimately AOT_have [F]z & ψ  (([F]z & ψ)  ¬ψ) for z
5264        using "Commutativity of ≡"[THEN "≡E"(1)] "≡E"(5) by meson
5265      moreover AOT_have (([F]z & ψ)  ¬ψ) for z using 0 "∨I" by blast
5266      ultimately AOT_have ψ using "≡E" "&E" by metis
5267      AOT_thus ψ & ¬ψ using 0 "&I" by blast
5268    }
5269  qed
5270
5271  AOT_have Aux_D: z ([F]z  z [F]z & ψ]z)  (¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)  ¬x ([F]x  z [F]z & ψ  ¬ψ]x)) for ψ
5272  proof (rule "→I")
5273    AOT_assume A: z([F]z  z [F]z & ψ]z)
5274    AOT_show ¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)  ¬x ([F]x  z [F]z & ψ  ¬ψ]x)
5275    proof(rule "≡I"; rule "KBasic:13"[THEN "→E"];
5276          rule "RN[prem]"[where Γ="{«z([F]z  z [F]z & ψ]z)»}", simplified];
5277          (rule "useful-tautologies:5"[THEN "→E"]; rule "→I")?)
5278      AOT_modally_strict {
5279        AOT_assume z ([F]z  z [F]z & ψ]z)
5280        AOT_hence 1: [F]z  z [F]z & ψ]z for z using "∀E" by blast
5281        AOT_assume x ([F]x  z [F]z & ψ  ¬ψ]x)
5282        AOT_hence 2: [F]z  z [F]z & ψ  ¬ψ]z for z using "∀E" by blast
5283        AOT_have z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z using "≡E" 1 2 by meson
5284        AOT_thus x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x) by (rule GEN)
5285      }
5286    next
5287      AOT_modally_strict {
5288        AOT_assume z ([F]z  z [F]z & ψ]z)
5289        AOT_hence 1: [F]z  z [F]z & ψ]z for z using "∀E" by blast
5290        AOT_assume x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)
5291        AOT_hence 2: z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z using "∀E" by blast
5292        AOT_have [F]z  z [F]z & ψ  ¬ψ]z for z using 1 2 "≡E" by meson
5293        AOT_thus x ([F]x  z [F]z & ψ  ¬ψ]x) by (rule GEN)
5294      }
5295    qed(auto simp: A)
5296  qed
5297
5298  AOT_obtain p1 where p1_prop: p1 & ¬p1 using "cont-tf-thm:1" "∃E"[rotated] "cont-tf:1"[THEN "≡dfE"] by blast
5299  {
5300    AOT_assume 1: x([F]x  z [F]z & p1]x)
5301    AOT_have 2: x([F]x  z [F]z & p1  ¬p1]x)
5302      using Aux_B[THEN "→E", OF p1_prop[THEN "&E"(1)]].
5303    AOT_have ¬x(z [F]z & p1]x  z [F]z & p1  ¬p1]x)
5304      using Aux_C[THEN "→E", OF p1_prop[THEN "&E"(2)]].
5305    AOT_hence 3: ¬x([F]x  z [F]z & p1  ¬p1]x)
5306      using Aux_D[THEN "→E", OF 1, THEN "≡E"(1)] by blast
5307    AOT_hence x([F]x  z [F]z & p1  ¬p1]x) & ¬x([F]x  z [F]z & p1  ¬p1]x) using 2 "&I" by blast
5308    AOT_hence G (x ([F]x  [G]x) & ¬x([F]x  [G]x))
5309      by (rule "∃I"(1)) "cqt:2[lambda]"
5310  }
5311  moreover {
5312    AOT_assume 2: ¬x([F]x  z [F]z & p1]x)
5313    AOT_hence ¬x([F]x  z [F]z & p1]x)
5314      using "KBasic:11"[THEN "≡E"(1)] by blast
5315    AOT_hence x ([F]x  z [F]z & p1]x) & ¬x([F]x  z [F]z & p1]x)
5316      using Aux_A[THEN "→E", OF p1_prop[THEN "&E"(1)]] "&I" by blast
5317    AOT_hence G (x ([F]x  [G]x) & ¬x([F]x  [G]x))
5318      by (rule "∃I"(1)) "cqt:2[lambda]"
5319  }
5320  ultimately AOT_show G (x ([F]x  [G]x) & ¬x([F]x  [G]x))
5321    using "∨E"(1)[OF "exc-mid"] "→I" by blast
5322qed
5323
5324AOT_theorem "eqnotnec:5": FG(¬x([F]x  [G]x) & x([F]x  [G]x))
5325proof(rule GEN)
5326  fix F
5327
5328  AOT_have Aux_A:  ψ  x([F]x  z [F]z & ψ]x) for ψ
5329  proof(rule "RM◇"; rule "→I"; rule GEN)
5330    AOT_modally_strict {
5331    fix x
5332    AOT_assume 0: ψ
5333    AOT_have z [F]z & ψ]x  [F]x & ψ
5334      by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5335    also AOT_have ...  [F]x
5336      apply (rule "≡I"; rule "→I")
5337      using  "∨E"(3)[rotated, OF "useful-tautologies:2"[THEN "→E"], OF 0] "&E" apply blast
5338      using 0 "&I" by blast
5339    finally AOT_show [F]x  z [F]z & ψ]x
5340      using "Commutativity of ≡"[THEN "≡E"(1)] by blast
5341    }
5342  qed
5343
5344  AOT_have Aux_B:  ψ  x([F]x  z [F]z & ψ  ¬ψ]x) for ψ
5345  proof (rule "RM◇"; rule "→I"; rule GEN)
5346    AOT_modally_strict {
5347      fix x
5348      AOT_assume 0: ψ
5349      AOT_have z ([F]z & ψ)  ¬ψ]x  (([F]x & ψ)  ¬ψ)
5350        by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5351      also AOT_have ...  [F]x
5352        apply (rule "≡I"; rule "→I")
5353        using  "∨E"(3)[rotated, OF "useful-tautologies:2"[THEN "→E"], OF 0] "&E" apply blast
5354        apply (rule "∨I"(1)) using 0 "&I" by blast
5355      finally AOT_show [F]x  z ([F]z & ψ)  ¬ψ]x
5356        using "Commutativity of ≡"[THEN "≡E"(1)] by blast
5357    }
5358  qed
5359
5360  AOT_have Aux_C:  ¬ψ  ¬z(z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z) for ψ
5361  proof(rule "→I"; rule "raa-cor:2")
5362  AOT_modally_strict {
5363      AOT_assume 0: ¬ψ
5364      AOT_assume z (z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z)
5365      AOT_hence z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z using "∀E" by blast
5366      moreover AOT_have z [F]z & ψ]z  [F]z & ψ for z
5367          by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5368      moreover AOT_have z ([F]z & ψ)  ¬ψ]z  (([F]z & ψ)  ¬ψ) for z
5369        by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5370      ultimately AOT_have [F]z & ψ  (([F]z & ψ)  ¬ψ) for z
5371        using "Commutativity of ≡"[THEN "≡E"(1)] "≡E"(5) by meson
5372      moreover AOT_have (([F]z & ψ)  ¬ψ) for z using 0 "∨I" by blast
5373      ultimately AOT_have ψ using "≡E" "&E" by metis
5374      AOT_thus ψ & ¬ψ using 0 "&I" by blast
5375    }
5376  qed
5377
5378  AOT_have Aux_D: z ([F]z  z [F]z & ψ]z)  (¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)  ¬x ([F]x  z [F]z & ψ  ¬ψ]x)) for ψ
5379  proof (rule "→I"; rule "≡I"; (rule "useful-tautologies:5"[THEN "→E"]; rule "→I")?)
5380    AOT_modally_strict {
5381      AOT_assume z ([F]z  z [F]z & ψ]z)
5382      AOT_hence 1: [F]z  z [F]z & ψ]z for z using "∀E" by blast
5383      AOT_assume x ([F]x  z [F]z & ψ  ¬ψ]x)
5384      AOT_hence 2: [F]z  z [F]z & ψ  ¬ψ]z for z using "∀E" by blast
5385      AOT_have z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z using "≡E" 1 2 by meson
5386      AOT_thus x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x) by (rule GEN)
5387    }
5388  next
5389    AOT_modally_strict {
5390      AOT_assume z ([F]z  z [F]z & ψ]z)
5391      AOT_hence 1: [F]z  z [F]z & ψ]z for z using "∀E" by blast
5392      AOT_assume x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)
5393      AOT_hence 2: z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z using "∀E" by blast
5394      AOT_have [F]z  z [F]z & ψ  ¬ψ]z for z using 1 2 "≡E" by meson
5395      AOT_thus x ([F]x  z [F]z & ψ  ¬ψ]x) by (rule GEN)
5396    }
5397  qed
5398
5399  AOT_obtain p1 where p1_prop: ¬p1 & p1 using "cont-tf-thm:2" "∃E"[rotated] "cont-tf:2"[THEN "≡dfE"] by blast
5400  {
5401    AOT_assume 1: x([F]x  z [F]z & p1]x)
5402    AOT_have 2: x([F]x  z [F]z & p1  ¬p1]x)
5403      using Aux_B[THEN "→E", OF p1_prop[THEN "&E"(2)]].
5404    AOT_have ¬x(z [F]z & p1]x  z [F]z & p1  ¬p1]x)
5405      using Aux_C[THEN "→E", OF p1_prop[THEN "&E"(1)]].
5406    AOT_hence 3: ¬x([F]x  z [F]z & p1  ¬p1]x)
5407      using Aux_D[THEN "→E", OF 1, THEN "≡E"(1)] by blast
5408    AOT_hence ¬x([F]x  z [F]z & p1  ¬p1]x) & x([F]x  z [F]z & p1  ¬p1]x) using 2 "&I" by blast
5409    AOT_hence G (¬x ([F]x  [G]x) & x([F]x  [G]x))
5410      by (rule "∃I"(1)) "cqt:2[lambda]"
5411  }
5412  moreover {
5413    AOT_assume 2: ¬x([F]x  z [F]z & p1]x)
5414    AOT_hence ¬x([F]x  z [F]z & p1]x)
5415      using "KBasic:11"[THEN "≡E"(1)] by blast
5416    AOT_hence ¬x ([F]x  z [F]z & p1]x) & x([F]x  z [F]z & p1]x)
5417      using Aux_A[THEN "→E", OF p1_prop[THEN "&E"(2)]] "&I" by blast
5418    AOT_hence G (¬x ([F]x  [G]x) & x([F]x  [G]x))
5419      by (rule "∃I"(1)) "cqt:2[lambda]"
5420  }
5421  ultimately AOT_show G (¬x ([F]x  [G]x) & x([F]x  [G]x))
5422    using "∨E"(1)[OF "exc-mid"] "→I" by blast
5423qed
5424
5425AOT_theorem "eqnotnec:6": FG(𝒜¬x([F]x  [G]x) & x([F]x  [G]x))
5426proof(rule GEN)
5427  fix F
5428
5429  AOT_have Aux_A:  ψ  x([F]x  z [F]z & ψ]x) for ψ
5430  proof(rule "RM◇"; rule "→I"; rule GEN)
5431    AOT_modally_strict {
5432    fix x
5433    AOT_assume 0: ψ
5434    AOT_have z [F]z & ψ]x  [F]x & ψ
5435      by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5436    also AOT_have ...  [F]x
5437      apply (rule "≡I"; rule "→I")
5438      using  "∨E"(3)[rotated, OF "useful-tautologies:2"[THEN "→E"], OF 0] "&E" apply blast
5439      using 0 "&I" by blast
5440    finally AOT_show [F]x  z [F]z & ψ]x
5441      using "Commutativity of ≡"[THEN "≡E"(1)] by blast
5442    }
5443  qed
5444
5445  AOT_have Aux_B:  ψ  x([F]x  z [F]z & ψ  ¬ψ]x) for ψ
5446  proof (rule "RM◇"; rule "→I"; rule GEN)
5447    AOT_modally_strict {
5448      fix x
5449      AOT_assume 0: ψ
5450      AOT_have z ([F]z & ψ)  ¬ψ]x  (([F]x & ψ)  ¬ψ)
5451        by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5452      also AOT_have ...  [F]x
5453        apply (rule "≡I"; rule "→I")
5454        using  "∨E"(3)[rotated, OF "useful-tautologies:2"[THEN "→E"], OF 0] "&E" apply blast
5455        apply (rule "∨I"(1)) using 0 "&I" by blast
5456      finally AOT_show [F]x  z ([F]z & ψ)  ¬ψ]x
5457        using "Commutativity of ≡"[THEN "≡E"(1)] by blast
5458    }
5459  qed
5460
5461  AOT_have Aux_C:  𝒜¬ψ  𝒜¬z(z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z) for ψ
5462  proof(rule "act-cond"[THEN "→E"]; rule "RA[2]"; rule "→I"; rule "raa-cor:2")
5463  AOT_modally_strict {
5464      AOT_assume 0: ¬ψ
5465      AOT_assume z (z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z)
5466      AOT_hence z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z using "∀E" by blast
5467      moreover AOT_have z [F]z & ψ]z  [F]z & ψ for z
5468          by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5469      moreover AOT_have z ([F]z & ψ)  ¬ψ]z  (([F]z & ψ)  ¬ψ) for z
5470        by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5471      ultimately AOT_have [F]z & ψ  (([F]z & ψ)  ¬ψ) for z
5472        using "Commutativity of ≡"[THEN "≡E"(1)] "≡E"(5) by meson
5473      moreover AOT_have (([F]z & ψ)  ¬ψ) for z using 0 "∨I" by blast
5474      ultimately AOT_have ψ using "≡E" "&E" by metis
5475      AOT_thus ψ & ¬ψ using 0 "&I" by blast
5476    }
5477  qed
5478
5479  AOT_have (z ([F]z  z [F]z & ψ]z)  (¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)  ¬x ([F]x  z [F]z & ψ  ¬ψ]x))) for ψ
5480  proof (rule RN; rule "→I")
5481    AOT_modally_strict {
5482        AOT_assume z ([F]z  z [F]z & ψ]z)
5483        AOT_thus ¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)  ¬x ([F]x  z [F]z & ψ  ¬ψ]x)
5484          apply -
5485        proof(rule "≡I"; (rule "useful-tautologies:5"[THEN "→E"]; rule "→I")?)
5486          AOT_assume z ([F]z  z [F]z & ψ]z)
5487          AOT_hence 1: [F]z  z [F]z & ψ]z for z using "∀E" by blast
5488          AOT_assume x ([F]x  z [F]z & ψ  ¬ψ]x)
5489          AOT_hence 2: [F]z  z [F]z & ψ  ¬ψ]z for z using "∀E" by blast
5490          AOT_have z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z using "≡E" 1 2 by meson
5491          AOT_thus x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x) by (rule GEN)
5492        next
5493            AOT_assume z ([F]z  z [F]z & ψ]z)
5494            AOT_hence 1: [F]z  z [F]z & ψ]z for z using "∀E" by blast
5495            AOT_assume x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)
5496            AOT_hence 2: z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z using "∀E" by blast
5497            AOT_have [F]z  z [F]z & ψ  ¬ψ]z for z using 1 2 "≡E" by meson
5498            AOT_thus x ([F]x  z [F]z & ψ  ¬ψ]x) by (rule GEN)
5499        qed
5500    }
5501  qed
5502  AOT_hence 𝒜(z ([F]z  z [F]z & ψ]z)  (¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)  ¬x ([F]x  z [F]z & ψ  ¬ψ]x))) for ψ
5503    using "nec-imp-act"[THEN "→E"] by blast
5504  AOT_hence 𝒜z ([F]z  z [F]z & ψ]z)  𝒜(¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)  ¬x ([F]x  z [F]z & ψ  ¬ψ]x)) for ψ
5505    using "act-cond"[THEN "→E"] by blast
5506  AOT_hence Aux_D: 𝒜z ([F]z  z [F]z & ψ]z)  (𝒜¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)  𝒜¬x ([F]x  z [F]z & ψ  ¬ψ]x)) for ψ
5507    by (auto intro!: "→I" "Act-Basic:5"[THEN "≡E"(1)] dest!: "→E")
5508
5509  AOT_have ¬𝒜q0
5510    apply (rule "=dfI"(2)[OF q0_def])
5511     apply (fact "log-prop-prop:2")
5512    by (fact AOT)
5513  AOT_hence q0_prop_1: 𝒜¬q0
5514    using "logic-actual-nec:1"[axiom_inst, THEN "≡E"(2)] by blast
5515  {
5516    AOT_assume 1: 𝒜x([F]x  z [F]z & q0]x)
5517    AOT_have 2: x([F]x  z [F]z & q0  ¬q0]x)
5518      using Aux_B[THEN "→E", OF q0_prop[THEN "&E"(1)]].
5519    AOT_have 𝒜¬x(z [F]z & q0]x  z [F]z & q0  ¬q0]x)
5520      using Aux_C[THEN "→E", OF q0_prop_1].
5521    AOT_hence 3: 𝒜¬x([F]x  z [F]z & q0  ¬q0]x)
5522      using Aux_D[THEN "→E", OF 1, THEN "≡E"(1)] by blast
5523    AOT_hence 𝒜¬x([F]x  z [F]z & q0  ¬q0]x) & x([F]x  z [F]z & q0  ¬q0]x) using 2 "&I" by blast
5524    AOT_hence G (𝒜¬x ([F]x  [G]x) & x([F]x  [G]x))
5525      by (rule "∃I"(1)) "cqt:2[lambda]"
5526  }
5527  moreover {
5528    AOT_assume 2: ¬𝒜x([F]x  z [F]z & q0]x)
5529    AOT_hence 𝒜¬x([F]x  z [F]z & q0]x)
5530      using "logic-actual-nec:1"[axiom_inst, THEN "≡E"(2)] by blast
5531    AOT_hence 𝒜¬x ([F]x  z [F]z & q0]x) & x([F]x  z [F]z & q0]x)
5532      using Aux_A[THEN "→E", OF q0_prop[THEN "&E"(1)]] "&I" by blast
5533    AOT_hence G (𝒜¬x ([F]x  [G]x) & x([F]x  [G]x))
5534      by (rule "∃I"(1)) "cqt:2[lambda]"
5535  }
5536  ultimately AOT_show G (𝒜¬x ([F]x  [G]x) & x([F]x  [G]x))
5537    using "∨E"(1)[OF "exc-mid"] "→I" by blast
5538qed
5539
5540AOT_theorem "oa-contingent:1": O!  A!
5541proof(rule "≡dfI"[OF "=-infix"]; rule "raa-cor:2")
5542  fix x
5543  AOT_assume 1: O! = A!
5544  AOT_hence x E!x] = A!
5545    by (rule "=dfE"(2)[OF AOT_ordinary, rotated]) "cqt:2[lambda]"
5546  AOT_hence x E!x] = x ¬E!x]
5547    by (rule "=dfE"(2)[OF AOT_abstract, rotated]) "cqt:2[lambda]"
5548  moreover AOT_have x E!x]x  E!x
5549    by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5550  ultimately AOT_have x ¬E!x]x  E!x
5551    using "rule=E" by fast
5552  moreover AOT_have x ¬E!x]x  ¬E!x
5553    by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5554  ultimately AOT_have E!x  ¬E!x using "≡E"(6) "Commutativity of ≡"[THEN "≡E"(1)] by blast
5555  AOT_thus "(E!x  ¬E!x) & ¬(E!x  ¬E!x)" using "oth-class-taut:3:c" "&I" by blast
5556qed
5557
5558AOT_theorem "oa-contingent:2": O!x  ¬A!x
5559proof -
5560  AOT_have O!x  x E!x]x
5561    apply (rule "≡I"; rule "→I")
5562     apply (rule "=dfE"(2)[OF AOT_ordinary])
5563      apply "cqt:2[lambda]"
5564     apply argo
5565    apply (rule  "=dfI"(2)[OF AOT_ordinary])
5566     apply "cqt:2[lambda]"
5567    by argo
5568  also AOT_have   E!x
5569    by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5570  also AOT_have   ¬¬E!x
5571    using "oth-class-taut:3:b".
5572  also AOT_have   ¬x ¬E!x]x
5573    by (rule "beta-C-meta"[THEN "→E", THEN "oth-class-taut:4:b"[THEN "≡E"(1)], symmetric]) "cqt:2[lambda]"
5574  also AOT_have   ¬A!x
5575    apply (rule "≡I"; rule "→I")
5576     apply (rule "=dfI"(2)[OF AOT_abstract])
5577      apply "cqt:2[lambda]"
5578     apply argo
5579    apply (rule "=dfE"(2)[OF AOT_abstract])
5580     apply "cqt:2[lambda]"
5581    by argo
5582  finally show ?thesis.
5583qed
5584
5585AOT_theorem "oa-contingent:3": A!x  ¬O!x
5586  by (AOT_subst A!x ¬¬A!x)
5587     (auto simp add: "oth-class-taut:3:b" "oa-contingent:2"[THEN "oth-class-taut:4:b"[THEN "≡E"(1)], symmetric])
5588
5589AOT_theorem "oa-contingent:4": Contingent(O!)
5590proof (rule "thm-cont-prop:2"[unvarify F, OF "oa-exist:1", THEN "≡E"(2)]; rule "&I")
5591  AOT_have x E!x using "thm-cont-e:3" .
5592  AOT_hence x E!x using "BF◇"[THEN "→E"] by blast
5593  then AOT_obtain a where E!a using "∃E"[rotated] by blast
5594  AOT_hence x E!x]a
5595    by (rule "beta-C-meta"[THEN "→E", THEN "≡E"(2), rotated]) "cqt:2[lambda]"
5596  AOT_hence O!a
5597    by (rule "=dfI"(2)[OF AOT_ordinary, rotated]) "cqt:2[lambda]"
5598  AOT_hence x O!x using "∃I" by blast
5599  AOT_thus x O!x using "T◇"[THEN "→E"] by blast
5600next
5601  AOT_obtain a where A!a
5602    using "A-objects"[axiom_inst] "∃E"[rotated] "&E" by blast
5603  AOT_hence ¬O!a using "oa-contingent:3"[THEN "≡E"(1)] by blast
5604  AOT_hence x ¬O!x using "∃I" by fast
5605  AOT_thus x ¬O!x using "T◇"[THEN "→E"] by blast
5606qed
5607
5608AOT_theorem "oa-contingent:5": Contingent(A!)
5609proof (rule "thm-cont-prop:2"[unvarify F, OF "oa-exist:2", THEN "≡E"(2)]; rule "&I")
5610  AOT_obtain a where A!a
5611    using "A-objects"[axiom_inst] "∃E"[rotated] "&E" by blast
5612  AOT_hence x A!x using "∃I" by fast
5613  AOT_thus x A!x using "T◇"[THEN "→E"] by blast
5614next
5615  AOT_have x E!x using "thm-cont-e:3" .
5616  AOT_hence x E!x using "BF◇"[THEN "→E"] by blast
5617  then AOT_obtain a where E!a using "∃E"[rotated] by blast
5618  AOT_hence x E!x]a
5619    by (rule "beta-C-meta"[THEN "→E", THEN "≡E"(2), rotated]) "cqt:2[lambda]"
5620  AOT_hence O!a
5621    by (rule "=dfI"(2)[OF AOT_ordinary, rotated]) "cqt:2[lambda]"
5622  AOT_hence ¬A!a using "oa-contingent:2"[THEN "≡E"(1)] by blast
5623  AOT_hence x ¬A!x using "∃I" by fast
5624  AOT_thus x ¬A!x using "T◇"[THEN "→E"] by blast
5625qed
5626
5627AOT_theorem "oa-contingent:7": O!-x  ¬A!-x
5628proof -
5629  AOT_have O!x  ¬A!x
5630    using "oa-contingent:2" by blast
5631  also AOT_have   A!-x
5632    using "thm-relation-negation:1"[symmetric, unvarify F, OF "oa-exist:2"].
5633  finally AOT_have 1: O!x  A!-x.
5634
5635  AOT_have A!x  ¬O!x
5636    using "oa-contingent:3" by blast
5637  also AOT_have   O!-x
5638    using "thm-relation-negation:1"[symmetric, unvarify F, OF "oa-exist:1"].
5639  finally AOT_have 2: A!x  O!-x.
5640
5641  AOT_show O!-x  ¬A!-x
5642    using 1[THEN "oth-class-taut:4:b"[THEN "≡E"(1)]] "oa-contingent:3"[of _ x] 2[symmetric]
5643          "≡E"(5) by blast
5644qed
5645
5646AOT_theorem "oa-contingent:6": O!-  A!-
5647proof (rule "=-infix"[THEN "≡dfI"]; rule "raa-cor:2")
5648  AOT_assume 1: O!- = A!-
5649  fix x
5650  AOT_have A!-x  O!-x
5651    apply (rule "rule=E"[rotated, OF 1]) by (fact "oth-class-taut:3:a")
5652  AOT_hence A!-x  ¬A!-x
5653    using "oa-contingent:7" "≡E" by fast
5654  AOT_thus (A!-x  ¬A!-x) & ¬(A!-x  ¬A!-x) using "oth-class-taut:3:c" "&I" by blast
5655qed
5656
5657AOT_theorem "oa-contingent:8": Contingent(O!-)
5658  using "thm-cont-prop:3"[unvarify F, OF "oa-exist:1", THEN "≡E"(1), OF "oa-contingent:4"].
5659
5660AOT_theorem "oa-contingent:9": Contingent(A!-)
5661  using "thm-cont-prop:3"[unvarify F, OF "oa-exist:2", THEN "≡E"(1), OF "oa-contingent:5"].
5662
5663AOT_define WeaklyContingent :: ‹Π  φ› ("WeaklyContingent'(_')")
5664  "df-cont-nec": "WeaklyContingent([F]) df Contingent([F]) & x ([F]x  [F]x)"
5665
5666AOT_theorem "cont-nec-fact1:1": WeaklyContingent([F])  WeaklyContingent([F]-)
5667proof -
5668  AOT_have WeaklyContingent([F])  Contingent([F]) & x ([F]x  [F]x)
5669    using "df-cont-nec"[THEN "≡Df"] by blast
5670  also AOT_have ...  Contingent([F]-) & x ([F]x  [F]x)
5671    apply (rule "oth-class-taut:8:f"[THEN "≡E"(2)]; rule "→I")
5672    using "thm-cont-prop:3".
5673  also AOT_have   Contingent([F]-) & x ([F]-x  [F]-x)
5674  proof (rule "oth-class-taut:8:e"[THEN "≡E"(2)]; rule "→I"; rule "≡I"; rule "→I"; rule GEN; rule "→I")
5675    fix x
5676    AOT_assume 0: x ([F]x  [F]x)
5677    AOT_assume 1: [F]-x
5678    AOT_have ¬[F]x
5679      by (AOT_subst (reverse) ¬[F]x [F]-x)
5680         (auto simp add: "thm-relation-negation:1" 1)
5681    AOT_hence 2: ¬[F]x
5682      using "KBasic:11"[THEN "≡E"(2)] by blast
5683    AOT_show [F]-x
5684    proof (rule "raa-cor:1")
5685      AOT_assume 3: ¬[F]-x
5686      AOT_have ¬¬[F]x
5687        by (AOT_subst (reverse) ¬[F]x [F]-x)
5688           (auto simp add: "thm-relation-negation:1" 3)
5689      AOT_hence [F]x
5690        using "conventions:5"[THEN "≡dfI"] by simp
5691      AOT_hence [F]x using 0 "∀E" "→E" by fast
5692      AOT_thus [F]x & ¬[F]x using "&I" 2 by blast
5693    qed
5694  next
5695    fix x
5696    AOT_assume 0: x ([F]-x  [F]-x)
5697    AOT_assume 1: [F]x
5698    AOT_have ¬[F]-x
5699      by (AOT_subst ¬[F]-x [F]x)
5700         (auto simp: "thm-relation-negation:2" 1)
5701    AOT_hence 2: ¬[F]-x
5702      using "KBasic:11"[THEN "≡E"(2)] by blast
5703    AOT_show [F]x
5704    proof (rule "raa-cor:1")
5705      AOT_assume 3: ¬[F]x
5706      AOT_have ¬¬[F]-x
5707        by (AOT_subst ¬[F]-x [F]x)
5708           (auto simp add: "thm-relation-negation:2" 3)
5709      AOT_hence [F]-x
5710        using "conventions:5"[THEN "≡dfI"] by simp
5711      AOT_hence [F]-x using 0 "∀E" "→E" by fast
5712      AOT_thus [F]-x & ¬[F]-x using "&I" 2 by blast
5713    qed
5714  qed
5715  also AOT_have   WeaklyContingent([F]-)
5716    using "df-cont-nec"[THEN "≡Df", symmetric] by blast
5717  finally show ?thesis.
5718qed
5719
5720AOT_theorem "cont-nec-fact1:2": (WeaklyContingent([F]) & ¬WeaklyContingent([G]))  F  G
5721proof (rule "→I"; rule "=-infix"[THEN "≡dfI"]; rule "raa-cor:2")
5722  AOT_assume 1: WeaklyContingent([F]) & ¬WeaklyContingent([G])
5723  AOT_hence WeaklyContingent([F]) using "&E" by blast
5724  moreover AOT_assume F = G
5725  ultimately AOT_have WeaklyContingent([G])
5726    using "rule=E" by blast
5727  AOT_thus WeaklyContingent([G]) & ¬WeaklyContingent([G])
5728    using 1 "&I" "&E" by blast
5729qed
5730
5731AOT_theorem "cont-nec-fact2:1": WeaklyContingent(O!)
5732proof (rule "df-cont-nec"[THEN "≡dfI"]; rule "&I")
5733  AOT_show Contingent(O!)
5734    using "oa-contingent:4".
5735next
5736  AOT_show x ([O!]x  [O!]x)
5737    apply (rule GEN; rule "→I")
5738    using "oa-facts:5"[THEN "≡E"(1)] by blast
5739qed
5740
5741
5742AOT_theorem "cont-nec-fact2:2": WeaklyContingent(A!)
5743proof (rule "df-cont-nec"[THEN "≡dfI"]; rule "&I")
5744  AOT_show Contingent(A!)
5745    using "oa-contingent:5".
5746next
5747  AOT_show x ([A!]x  [A!]x)
5748    apply (rule GEN; rule "→I")
5749    using "oa-facts:6"[THEN "≡E"(1)] by blast
5750qed
5751
5752AOT_theorem "cont-nec-fact2:3": ¬WeaklyContingent(E!)
5753proof (rule "df-cont-nec"[THEN "≡Df", THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(2)];
5754       rule DeMorgan(1)[THEN "≡E"(2)]; rule "∨I"(2); rule "raa-cor:2")
5755  AOT_have x (E!x & ¬𝒜E!x) using "qml:4"[axiom_inst].
5756  AOT_hence x (E!x & ¬𝒜E!x) using "BF◇"[THEN "→E"] by blast
5757  then AOT_obtain a where (E!a & ¬𝒜E!a) using "∃E"[rotated] by blast
5758  AOT_hence 1: E!a & ¬𝒜E!a using "KBasic2:3"[THEN "→E"] by simp
5759  moreover AOT_assume x ([E!]x  [E!]x)
5760  ultimately AOT_have E!a using "&E" "∀E" "→E" by fast
5761  AOT_hence 𝒜E!a using "nec-imp-act"[THEN "→E"] by blast
5762  AOT_hence 𝒜E!a using "qml-act:1"[axiom_inst, THEN "→E"] by blast
5763  moreover AOT_have ¬𝒜E!a using "KBasic:11"[THEN "≡E"(2)] 1[THEN "&E"(2)] by meson
5764  ultimately AOT_have 𝒜E!a & ¬𝒜E!a using "&I" by blast
5765  AOT_thus p & ¬p for p using "raa-cor:1" by blast
5766qed
5767
5768AOT_theorem "cont-nec-fact2:4": ¬WeaklyContingent(L)
5769  apply (rule "df-cont-nec"[THEN "≡Df", THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(2)];
5770       rule DeMorgan(1)[THEN "≡E"(2)]; rule "∨I"(1))
5771  apply (rule "contingent-properties:4"[THEN "≡Df", THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(2)])
5772  apply (rule DeMorgan(1)[THEN "≡E"(2)]; rule "∨I"(2); rule "useful-tautologies:2"[THEN "→E"])
5773  using "thm-noncont-e-e:3"[THEN "contingent-properties:3"[THEN "≡dfE"]].
5774
5775(* TODO: cleanup *)
5776AOT_theorem "cont-nec-fact2:5": O!  E! & O!  E!- & O!  L & O!  L-
5777proof -
5778  AOT_have 1: L
5779    by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
5780  {
5781    fix φ and Π Π' :: <κ>
5782    AOT_have A: ¬(φ{Π'}  φ{Π}) if  φ{Π} and ¬φ{Π'}
5783    proof (rule "raa-cor:2")
5784      AOT_assume φ{Π'}  φ{Π}
5785      AOT_hence φ{Π'} using that(1) "≡E" by blast
5786      AOT_thus φ{Π'} & ¬φ{Π'} using that(2) "&I" by blast
5787    qed
5788    AOT_have Π'  Π if Π and Π' and φ{Π} and ¬φ{Π'}
5789      using "pos-not-equiv-ne:4"[unvarify F G, THEN "→E", OF that(1,2), OF A[OF that(3, 4)]].
5790  } note 0 = this
5791  show ?thesis
5792    apply(safe intro!: "&I"; rule 0)
5793    using "cqt:2[concrete]"[axiom_inst] apply blast
5794    using "oa-exist:1" apply blast
5795    using "cont-nec-fact2:3" apply fast
5796    apply (rule "useful-tautologies:2"[THEN "→E"])
5797    using "cont-nec-fact2:1" apply fast
5798    using "rel-neg-T:3" apply fast
5799    using "oa-exist:1" apply blast
5800    using "cont-nec-fact1:1"[unvarify F, THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(1), rotated, OF "cont-nec-fact2:3", OF "cqt:2[concrete]"[axiom_inst]] apply fast
5801    apply (rule "useful-tautologies:2"[THEN "→E"])
5802    using "cont-nec-fact2:1" apply blast
5803    apply (rule "=dfI"(2)[OF L_def]; "cqt:2[lambda]")
5804    using "oa-exist:1" apply fast
5805    using "cont-nec-fact2:4" apply fast
5806    apply (rule "useful-tautologies:2"[THEN "→E"])
5807    using "cont-nec-fact2:1" apply fast
5808    using "rel-neg-T:3" apply fast
5809    using "oa-exist:1" apply fast
5810    apply (rule "cont-nec-fact1:1"[unvarify F, THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(1), rotated, OF "cont-nec-fact2:4"])
5811    apply (rule "=dfI"(2)[OF L_def]; "cqt:2[lambda]")
5812    apply (rule "useful-tautologies:2"[THEN "→E"])
5813    using "cont-nec-fact2:1" by blast
5814qed
5815
5816(* TODO: cleanup together with above *)
5817AOT_theorem "cont-nec-fact2:6": A!  E! & A!  E!- & A!  L & A!  L-
5818proof -
5819  AOT_have 1: L
5820    by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
5821  {
5822    fix φ and Π Π' :: <κ>
5823    AOT_have A: ¬(φ{Π'}  φ{Π}) if  φ{Π} and ¬φ{Π'}
5824    proof (rule "raa-cor:2")
5825      AOT_assume φ{Π'}  φ{Π}
5826      AOT_hence φ{Π'} using that(1) "≡E" by blast
5827      AOT_thus φ{Π'} & ¬φ{Π'} using that(2) "&I" by blast
5828    qed
5829    AOT_have Π'  Π if Π and Π' and φ{Π} and ¬φ{Π'}
5830      using "pos-not-equiv-ne:4"[unvarify F G, THEN "→E", OF that(1,2), OF A[OF that(3, 4)]].
5831  } note 0 = this
5832  show ?thesis
5833    apply(safe intro!: "&I"; rule 0)
5834    using "cqt:2[concrete]"[axiom_inst] apply blast
5835    using "oa-exist:2" apply blast
5836    using "cont-nec-fact2:3" apply fast
5837    apply (rule "useful-tautologies:2"[THEN "→E"])
5838    using "cont-nec-fact2:2" apply fast
5839    using "rel-neg-T:3" apply fast
5840    using "oa-exist:2" apply blast
5841    using "cont-nec-fact1:1"[unvarify F, THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(1), rotated, OF "cont-nec-fact2:3", OF "cqt:2[concrete]"[axiom_inst]] apply fast
5842    apply (rule "useful-tautologies:2"[THEN "→E"])
5843    using "cont-nec-fact2:2" apply blast
5844    apply (rule "=dfI"(2)[OF L_def]; "cqt:2[lambda]")
5845    using "oa-exist:2" apply fast
5846    using "cont-nec-fact2:4" apply fast
5847    apply (rule "useful-tautologies:2"[THEN "→E"])
5848    using "cont-nec-fact2:2" apply fast
5849    using "rel-neg-T:3" apply fast
5850    using "oa-exist:2" apply fast
5851    apply (rule "cont-nec-fact1:1"[unvarify F, THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(1), rotated, OF "cont-nec-fact2:4"])
5852    apply (rule "=dfI"(2)[OF L_def]; "cqt:2[lambda]")
5853    apply (rule "useful-tautologies:2"[THEN "→E"])
5854    using "cont-nec-fact2:2" by blast
5855qed
5856
5857AOT_define necessary_or_contingently_false :: ‹φ  φ› ("Δ_" [49] 54)
5858  Δp df p  (¬𝒜p & p)
5859
5860AOT_theorem sixteen:
5861 shows F1F2F3F4F5F6F7F8F9F10F11F12F13F14F15F16 (
5862«F1::<κ>»  F2 & F1  F3 & F1  F4 & F1  F5 & F1  F6 & F1  F7 & F1  F8 & F1  F9 & F1  F10 & F1  F11 & F1  F12 & F1  F13 & F1  F14 & F1  F15 & F1  F16 &
5863F2  F3 & F2  F4 & F2  F5 & F2  F6 & F2  F7 & F2  F8 & F2  F9 & F2  F10 & F2  F11 & F2  F12 & F2  F13 & F2  F14 & F2  F15 & F2  F16 &
5864F3  F4 & F3  F5 & F3  F6 & F3  F7 & F3  F8 & F3  F9 & F3  F10 & F3  F11 & F3  F12 & F3  F13 & F3  F14 & F3  F15 & F3  F16 &
5865F4  F5 & F4  F6 & F4  F7 & F4  F8 & F4  F9 & F4  F10 & F4  F11 & F4  F12 & F4  F13 & F4  F14 & F4  F15 & F4  F16 &
5866F5  F6 & F5  F7 & F5  F8 & F5  F9 & F5  F10 & F5  F11 & F5  F12 & F5  F13 & F5  F14 & F5  F15 & F5  F16 &
5867F6  F7 & F6  F8 & F6  F9 & F6  F10 & F6  F11 & F6  F12 & F6  F13 & F6  F14 & F6  F15 & F6  F16 &
5868F7  F8 & F7  F9 & F7  F10 & F7  F11 & F7  F12 & F7  F13 & F7  F14 & F7  F15 & F7  F16 &
5869F8  F9 & F8  F10 & F8  F11 & F8  F12 & F8  F13 & F8  F14 & F8  F15 & F8  F16 &
5870F9  F10 & F9  F11 & F9  F12 & F9  F13 & F9  F14 & F9  F15 & F9  F16 &
5871F10  F11 & F10  F12 & F10  F13 & F10  F14 & F10  F15 & F10  F16 &
5872F11  F12 & F11  F13 & F11  F14 & F11  F15 & F11  F16 &
5873F12  F13 & F12  F14 & F12  F15 & F12  F16 &
5874F13  F14 & F13  F15 & F13  F16 &
5875F14  F15 & F14  F16 &
5876F15  F16) 
5877proof -
5878
5879  AOT_have Delta_pos: Δφ  φ for φ
5880  proof(rule "→I")
5881    AOT_assume Δφ
5882    AOT_hence φ  (¬𝒜φ & φ)
5883      using "≡dfE"[OF necessary_or_contingently_false] by blast
5884    moreover {
5885      AOT_assume φ
5886      AOT_hence φ
5887        by (metis "B◇" "T◇" "vdash-properties:10")
5888    }
5889    moreover {
5890      AOT_assume ¬𝒜φ & φ
5891      AOT_hence φ
5892        using "&E" by blast
5893    }
5894    ultimately AOT_show φ
5895      by (metis "∨E"(2) "raa-cor:1") 
5896  qed
5897
5898  AOT_have act_and_not_nec_not_delta: ¬Δφ if 𝒜φ and ¬φ for φ
5899    using "≡dfE" "&E"(1) "∨E"(2) necessary_or_contingently_false "raa-cor:3" that(1) that(2) by blast
5900  AOT_have act_and_pos_not_not_delta: ¬Δφ if 𝒜φ and ¬φ for φ
5901    using "KBasic:11" act_and_not_nec_not_delta "≡E"(2) that(1) that(2) by blast
5902  AOT_have impossible_delta: ¬Δφ if ¬φ for φ
5903    using Delta_pos "modus-tollens:1" that by blast
5904  AOT_have not_act_and_pos_delta: Δφ if ¬𝒜φ and φ for φ
5905    by (meson "≡dfI" "&I" "∨I"(2) necessary_or_contingently_false that(1) that(2))
5906  AOT_have nec_delta: Δφ if φ for φ
5907    using "≡dfI" "∨I"(1) necessary_or_contingently_false that by blast
5908
5909  AOT_obtain a where a_prop: A!a
5910    using "A-objects"[axiom_inst] "∃E"[rotated] "&E" by blast
5911  AOT_obtain b where b_prop: [E!]b & ¬𝒜[E!]b
5912    using "pos-not-pna:3" using "∃E"[rotated] by blast
5913
5914  AOT_have b_ord: [O!]b
5915  proof(rule "=dfI"(2)[OF AOT_ordinary])
5916    AOT_show x [E!]x] by "cqt:2[lambda]"
5917  next
5918    AOT_show x [E!]x]b
5919    proof (rule "β←C"(1); ("cqt:2[lambda]")?)
5920      AOT_show b by (rule "cqt:2[const_var]"[axiom_inst])
5921      AOT_show [E!]b by (fact b_prop[THEN "&E"(1)])
5922    qed
5923  qed
5924
5925  AOT_have nec_not_L_neg: ¬[L-]x for x
5926    using "thm-noncont-e-e:2" "contingent-properties:2"[THEN "≡dfE"] "&E"
5927          CBF[THEN "→E"] "∀E" by blast
5928  AOT_have nec_L: [L]x for x
5929    using "thm-noncont-e-e:1" "contingent-properties:1"[THEN "≡dfE"]
5930      CBF[THEN "→E"] "∀E" by blast
5931
5932  AOT_have act_ord_b: 𝒜[O!]b
5933    using b_ord "≡E"(1) "oa-facts:7" by blast
5934  AOT_have delta_ord_b: Δ[O!]b
5935    by (meson "≡dfI" b_ord "∨I"(1) necessary_or_contingently_false "oa-facts:1" "vdash-properties:10")
5936  AOT_have not_act_ord_a: ¬𝒜[O!]a
5937    by (meson a_prop "≡E"(1) "≡E"(3) "oa-contingent:3" "oa-facts:7")
5938  AOT_have not_delta_ord_a: ¬Δ[O!]a
5939    by (metis Delta_pos "≡E"(4) not_act_ord_a "oa-facts:3" "oa-facts:7" "reductio-aa:1" "vdash-properties:10")
5940
5941  AOT_have not_act_abs_b: ¬𝒜[A!]b
5942    by (meson b_ord "≡E"(1) "≡E"(3) "oa-contingent:2" "oa-facts:8")
5943  AOT_have not_delta_abs_b: ¬Δ[A!]b
5944  proof(rule "raa-cor:2")
5945    AOT_assume Δ[A!]b
5946    AOT_hence [A!]b
5947      by (metis Delta_pos "vdash-properties:10")
5948    AOT_thus [A!]b & ¬[A!]b
5949      by (metis b_ord "&I" "≡E"(1) "oa-contingent:2" "oa-facts:4" "vdash-properties:10")
5950  qed
5951  AOT_have act_abs_a: 𝒜[A!]a
5952    using a_prop "≡E"(1) "oa-facts:8" by blast
5953  AOT_have delta_abs_a: Δ[A!]a
5954      by (metis "≡dfI" a_prop "oa-facts:2" "vdash-properties:10" "∨I"(1) necessary_or_contingently_false)
5955
5956  AOT_have not_act_concrete_b: ¬𝒜[E!]b
5957    using b_prop "&E"(2) by blast
5958  AOT_have delta_concrete_b: Δ[E!]b
5959  proof (rule "≡dfI"[OF necessary_or_contingently_false]; rule "∨I"(2); rule "&I")
5960    AOT_show ¬𝒜[E!]b using b_prop "&E"(2) by blast
5961  next
5962    AOT_show [E!]b using b_prop "&E"(1) by blast
5963  qed
5964  AOT_have not_act_concrete_a: ¬𝒜[E!]a
5965  proof (rule "raa-cor:2")
5966    AOT_assume 𝒜[E!]a
5967    AOT_hence 1: [E!]a by (metis "Act-Sub:3" "vdash-properties:10")
5968    AOT_have [A!]a by (simp add: a_prop)
5969    AOT_hence x ¬[E!]x]a
5970      by (rule "=dfE"(2)[OF AOT_abstract, rotated]) "cqt:2[lambda]"
5971    AOT_hence ¬[E!]a using "β→C"(1) by blast
5972    AOT_thus [E!]a & ¬[E!]a using 1 "&I" by blast
5973  qed
5974  AOT_have not_delta_concrete_a: ¬Δ[E!]a
5975  proof (rule "raa-cor:2")
5976    AOT_assume Δ[E!]a
5977    AOT_hence 1: [E!]a by (metis Delta_pos "vdash-properties:10")
5978    AOT_have [A!]a by (simp add: a_prop)
5979    AOT_hence x ¬[E!]x]a
5980      by (rule "=dfE"(2)[OF AOT_abstract, rotated]) "cqt:2[lambda]"
5981    AOT_hence ¬[E!]a using "β→C"(1) by blast
5982    AOT_thus [E!]a & ¬[E!]a using 1 "&I" by blast
5983  qed
5984
5985  AOT_have not_act_q_zero: ¬𝒜q0
5986    by (meson "log-prop-prop:2" "pos-not-pna:1" q0_def "reductio-aa:1" "rule-id-df:2:a[zero]")
5987  AOT_have delta_q_zero: Δq0
5988  proof(rule "≡dfI"[OF necessary_or_contingently_false]; rule "∨I"(2); rule "&I")
5989    AOT_show ¬𝒜q0 using not_act_q_zero.
5990    AOT_show q0 by (meson "&E"(1) q0_prop)
5991  qed
5992  AOT_have act_not_q_zero: 𝒜¬q0 using "Act-Basic:1" "∨E"(2) not_act_q_zero by blast
5993  AOT_have not_delta_not_q_zero: ¬Δ¬q0
5994      using "≡dfE" "conventions:5" "Act-Basic:1" act_and_not_nec_not_delta "&E"(1) "∨E"(2) not_act_q_zero q0_prop by blast
5995
5996  AOT_have [L-] by (simp add: "rel-neg-T:3")
5997  moreover AOT_have ¬𝒜[L-]b & ¬Δ[L-]b & ¬𝒜[L-]a & ¬Δ[L-]a
5998  proof (safe intro!: "&I")
5999    AOT_show ¬𝒜[L-]b by (meson "≡E"(1) "logic-actual-nec:1"[axiom_inst] "nec-imp-act" nec_not_L_neg "→E")
6000    AOT_show ¬Δ[L-]b by (meson Delta_pos "KBasic2:1" "≡E"(1) "modus-tollens:1" nec_not_L_neg)
6001    AOT_show ¬𝒜[L-]a by (meson "≡E"(1) "logic-actual-nec:1"[axiom_inst] "nec-imp-act" nec_not_L_neg "→E")
6002    AOT_show ¬Δ[L-]a using Delta_pos "KBasic2:1" "≡E"(1) "modus-tollens:1" nec_not_L_neg by blast
6003  qed
6004  ultimately AOT_obtain F0 where ¬𝒜[F0]b & ¬Δ[F0]b & ¬𝒜[F0]a & ¬Δ[F0]a
6005    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
6006  AOT_hence ¬𝒜[F0]b and ¬Δ[F0]b and ¬𝒜[F0]a and ¬Δ[F0]a
6007    using "&E" by blast+
6008  note props = this
6009
6010  let  = "«y [A!]y & q0]»"
6011  AOT_modally_strict {
6012    AOT_have [«»] by "cqt:2[lambda]"
6013  } note 1 = this
6014  moreover AOT_have ¬𝒜[«»]b & ¬Δ[«»]b & ¬𝒜[«»]a & Δ[«»]a
6015  proof (safe intro!: "&I"; AOT_subst y A!y & q0]x A!x & q0 for: x)
6016    AOT_show ¬𝒜([A!]b & q0)
6017      using "Act-Basic:2" "&E"(1) "≡E"(1) not_act_abs_b "raa-cor:3" by blast
6018  next AOT_show ¬Δ([A!]b & q0)
6019      by (metis Delta_pos "KBasic2:3" "&E"(1) "≡E"(4) not_act_abs_b "oa-facts:4" "oa-facts:8" "raa-cor:3" "vdash-properties:10")
6020  next AOT_show ¬𝒜([A!]a & q0)
6021      using "Act-Basic:2" "&E"(2) "≡E"(1) not_act_q_zero "raa-cor:3" by blast
6022  next AOT_show Δ([A!]a & q0)
6023    proof (rule not_act_and_pos_delta)
6024      AOT_show ¬𝒜([A!]a & q0)
6025        using "Act-Basic:2" "&E"(2) "≡E"(4) not_act_q_zero "raa-cor:3" by blast
6026    next AOT_show ([A!]a & q0)
6027        by (metis "&I" "→E" Delta_pos "KBasic:16" "&E"(1) delta_abs_a "≡E"(1) "oa-facts:6" q0_prop)
6028    qed
6029  qed(auto simp: "beta-C-meta"[THEN "→E", OF 1])
6030  ultimately AOT_obtain F1 where ¬𝒜[F1]b & ¬Δ[F1]b & ¬𝒜[F1]a & Δ[F1]a
6031    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
6032  AOT_hence ¬𝒜[F1]b and ¬Δ[F1]b and ¬𝒜[F1]a and Δ[F1]a
6033    using "&E" by blast+
6034  note props = props this
6035
6036  let  = "«y [A!]y & ¬q0]»"
6037  AOT_modally_strict {
6038    AOT_have [«»] by "cqt:2[lambda]"
6039  } note 1 = this
6040  moreover AOT_have ¬𝒜[«»]b & ¬Δ[«»]b & 𝒜[«»]a & ¬Δ[«»]a
6041  proof (safe intro!: "&I"; AOT_subst y A!y & ¬q0]x A!x & ¬q0 for: x)
6042    AOT_show ¬𝒜([A!]b & ¬q0)
6043      using "Act-Basic:2" "&E"(1) "≡E"(1) not_act_abs_b "raa-cor:3" by blast
6044  next AOT_show ¬Δ([A!]b & ¬q0)
6045      by (meson "RM◇" Delta_pos "Conjunction Simplification"(1) "≡E"(4) "modus-tollens:1" not_act_abs_b "oa-facts:4" "oa-facts:8")
6046  next AOT_show 𝒜([A!]a & ¬q0)
6047      by (metis "Act-Basic:1" "Act-Basic:2" act_abs_a "&I" "∨E"(2) "≡E"(3) not_act_q_zero "raa-cor:3")
6048  next AOT_show ¬Δ([A!]a & ¬q0)
6049    proof (rule act_and_not_nec_not_delta)
6050      AOT_show 𝒜([A!]a & ¬q0)
6051        by (metis "Act-Basic:1" "Act-Basic:2" act_abs_a "&I" "∨E"(2) "≡E"(3) not_act_q_zero "raa-cor:3")
6052    next
6053      AOT_show ¬([A!]a & ¬q0)
6054        by (metis "KBasic2:1" "KBasic:3" "&E"(1) "&E"(2) "≡E"(4) q0_prop "raa-cor:3")
6055    qed
6056  qed(auto simp: "beta-C-meta"[THEN "→E", OF 1])
6057  ultimately AOT_obtain F2 where ¬𝒜[F2]b & ¬Δ[F2]b & 𝒜[F2]a & ¬Δ[F2]a
6058    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
6059  AOT_hence ¬𝒜[F2]b and ¬Δ[F2]b and 𝒜[F2]a and ¬Δ[F2]a
6060    using "&E" by blast+
6061  note props = props this
6062
6063  AOT_have abstract_prop: ¬𝒜[A!]b & ¬Δ[A!]b & 𝒜[A!]a & Δ[A!]a
6064    using act_abs_a "&I" delta_abs_a not_act_abs_b not_delta_abs_b by presburger
6065  then AOT_obtain F3 where ¬𝒜[F3]b & ¬Δ[F3]b & 𝒜[F3]a & Δ[F3]a
6066    using "∃I"(1)[rotated, THEN "∃E"[rotated]] "oa-exist:2" by fastforce
6067  AOT_hence ¬𝒜[F3]b and ¬Δ[F3]b and 𝒜[F3]a and Δ[F3]a
6068    using "&E" by blast+
6069  note props = props this
6070
6071  AOT_have ¬𝒜[E!]b & Δ[E!]b & ¬𝒜[E!]a & ¬Δ[E!]a
6072    by (meson "&I" delta_concrete_b not_act_concrete_a not_act_concrete_b not_delta_concrete_a)
6073  then AOT_obtain F4 where ¬𝒜[F4]b & Δ[F4]b & ¬𝒜[F4]a & ¬Δ[F4]a
6074    using "cqt:2[concrete]"[axiom_inst] "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
6075  AOT_hence ¬𝒜[F4]b and Δ[F4]b and ¬𝒜[F4]a and ¬Δ[F4]a
6076    using "&E" by blast+
6077  note props = props this
6078
6079  AOT_modally_strict {
6080    AOT_have y q0] by "cqt:2[lambda]"
6081  } note 1 = this
6082  moreover AOT_have ¬𝒜y q0]b & Δy q0]b & ¬𝒜y q0]a & Δy q0]a
6083    by (safe intro!: "&I"; AOT_subst y q0]b q0 for: b)
6084       (auto simp: not_act_q_zero delta_q_zero  "beta-C-meta"[THEN "→E", OF 1])
6085  ultimately AOT_obtain F5 where ¬𝒜[F5]b & Δ[F5]b & ¬𝒜[F5]a & Δ[F5]a
6086    using "cqt:2[concrete]"[axiom_inst] "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
6087  AOT_hence ¬𝒜[F5]b and Δ[F5]b and ¬𝒜[F5]a and Δ[F5]a
6088    using "&E" by blast+
6089  note props = props this
6090
6091  let  = "«y [E!]y  ([A!]y & ¬q0)]»"
6092  AOT_modally_strict {
6093    AOT_have [«»] by "cqt:2[lambda]"
6094  } note 1 = this
6095  moreover AOT_have ¬𝒜[«»]b & Δ[«»]b & 𝒜[«»]a & ¬Δ[«»]a
6096  proof(safe intro!: "&I"; AOT_subst y E!y  (A!y & ¬q0)]x E!x  (A!x & ¬q0) for: x)
6097    AOT_have 𝒜¬([A!]b & ¬q0)
6098      by (metis "Act-Basic:1" "Act-Basic:2" abstract_prop "&E"(1) "∨E"(2)
6099                "≡E"(1) "raa-cor:3")
6100    moreover AOT_have ¬𝒜[E!]b
6101      using b_prop "&E"(2) by blast
6102    ultimately AOT_have 2: 𝒜(¬[E!]b & ¬([A!]b & ¬q0))
6103      by (metis "Act-Basic:2" "Act-Sub:1" "&I" "≡E"(3) "raa-cor:1")
6104    AOT_have 𝒜¬([E!]b  ([A!]b & ¬q0))
6105      by (AOT_subst ¬([E!]b  ([A!]b & ¬q0)) ¬[E!]b & ¬([A!]b & ¬q0))
6106         (auto simp: "oth-class-taut:5:d" 2)
6107    AOT_thus ¬𝒜([E!]b  ([A!]b & ¬q0))
6108      by (metis "¬¬I" "Act-Sub:1" "≡E"(4))
6109  next
6110    AOT_show Δ([E!]b  ([A!]b & ¬q0))
6111    proof (rule not_act_and_pos_delta)
6112      AOT_show ¬𝒜([E!]b  ([A!]b & ¬q0))
6113        by (metis "Act-Basic:2" "Act-Basic:9" "∨E"(2) "Conjunction Simplification"(1) "≡E"(4) "modus-tollens:1" not_act_abs_b not_act_concrete_b "raa-cor:3")
6114    next
6115      AOT_show ([E!]b  ([A!]b & ¬q0))
6116        using "KBasic2:2" b_prop "&E"(1) "∨I"(1) "≡E"(3) "raa-cor:3" by blast
6117    qed
6118  next AOT_show 𝒜([E!]a  ([A!]a & ¬q0))
6119      by (metis "Act-Basic:1" "Act-Basic:2" "Act-Basic:9" act_abs_a "&I" "∨I"(2) "∨E"(2) "≡E"(3) not_act_q_zero "raa-cor:1")
6120  next AOT_show ¬Δ([E!]a  ([A!]a & ¬q0))
6121    proof (rule act_and_not_nec_not_delta)
6122      AOT_show 𝒜([E!]a  ([A!]a & ¬q0))
6123        by (metis "Act-Basic:1" "Act-Basic:2" "Act-Basic:9" act_abs_a "&I" "∨I"(2) "∨E"(2) "≡E"(3) not_act_q_zero "raa-cor:1")
6124    next
6125      AOT_have ¬[E!]a
6126        by (metis "≡dfI" "conventions:5" "&I" "∨I"(2) necessary_or_contingently_false not_act_concrete_a not_delta_concrete_a "raa-cor:3")
6127      moreover AOT_have ¬([A!]a & ¬q0)
6128        by (metis "KBasic2:1" "KBasic:11" "KBasic:3" "&E"(1) "&E"(2) "≡E"(1) q0_prop "raa-cor:3")
6129      ultimately AOT_have (¬[E!]a & ¬([A!]a & ¬q0)) by (metis "KBasic:16" "&I" "vdash-properties:10")
6130      AOT_hence ¬([E!]a  ([A!]a & ¬q0))
6131        by (metis "RE◇" "≡E"(2) "oth-class-taut:5:d")
6132      AOT_thus ¬([E!]a  ([A!]a & ¬q0)) by (metis "KBasic:12" "≡E"(1) "raa-cor:3")
6133    qed
6134  qed(auto simp: "beta-C-meta"[THEN "→E", OF 1])
6135  ultimately AOT_obtain F6 where ¬𝒜[F6]b & Δ[F6]b & 𝒜[F6]a & ¬Δ[F6]a
6136    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
6137  AOT_hence ¬𝒜[F6]b and Δ[F6]b and 𝒜[F6]a and ¬Δ[F6]a
6138    using "&E" by blast+
6139  note props = props this
6140
6141  let  = "«y [A!]y  [E!]y]»"
6142  AOT_modally_strict {
6143    AOT_have [«»] by "cqt:2[lambda]"
6144  } note 1 = this
6145  moreover AOT_have ¬𝒜[«»]b & Δ[«»]b & 𝒜[«»]a & Δ[«»]a
6146  proof(safe intro!: "&I"; AOT_subst y A!y  E!y]x A!x  E!x for: x)
6147    AOT_show ¬𝒜([A!]b  [E!]b)
6148      using "Act-Basic:9" "∨E"(2) "≡E"(4) not_act_abs_b not_act_concrete_b "raa-cor:3" by blast
6149  next AOT_show Δ([A!]b  [E!]b)
6150    proof (rule not_act_and_pos_delta)
6151      AOT_show ¬𝒜([A!]b  [E!]b)
6152        using "Act-Basic:9" "∨E"(2) "≡E"(4) not_act_abs_b not_act_concrete_b "raa-cor:3" by blast
6153    next AOT_show ([A!]b  [E!]b)
6154        using "KBasic2:2" b_prop "&E"(1) "∨I"(2) "≡E"(2) by blast
6155    qed
6156  next AOT_show 𝒜([A!]a  [E!]a)
6157      by (meson "Act-Basic:9" act_abs_a "∨I"(1) "≡E"(2))
6158  next AOT_show Δ([A!]a  [E!]a)
6159    proof (rule nec_delta)
6160      AOT_show ([A!]a  [E!]a)
6161        by (metis "KBasic:15" act_abs_a act_and_not_nec_not_delta "Disjunction Addition"(1) delta_abs_a "raa-cor:3" "vdash-properties:10")
6162    qed
6163  qed(auto simp: "beta-C-meta"[THEN "→E", OF 1])
6164  ultimately AOT_obtain F7 where ¬𝒜[F7]b & Δ[F7]b & 𝒜[F7]a & Δ[F7]a
6165    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
6166  AOT_hence ¬𝒜[F7]b and Δ[F7]b and 𝒜[F7]a and Δ[F7]a
6167    using "&E" by blast+
6168  note props = props this
6169
6170  let  = "«y [O!]y & ¬[E!]y]»"
6171  AOT_modally_strict {
6172    AOT_have [«»] by "cqt:2[lambda]"
6173  } note 1 = this
6174  moreover AOT_have 𝒜[«»]b & ¬Δ[«»]b & ¬𝒜[«»]a & ¬Δ[«»]a
6175  proof(safe intro!: "&I"; AOT_subst y O!y & ¬E!y]x O!x & ¬E!x for: x)
6176    AOT_show 𝒜([O!]b & ¬[E!]b)
6177      by (metis "Act-Basic:1" "Act-Basic:2" act_ord_b "&I" "∨E"(2) "≡E"(3) not_act_concrete_b "raa-cor:3")
6178  next AOT_show ¬Δ([O!]b & ¬[E!]b)
6179      by (metis (no_types, hide_lams) "conventions:5" "Act-Sub:1" "RM:1" act_and_not_nec_not_delta "act-conj-act:3"
6180                act_ord_b b_prop "&I" "&E"(1) "Conjunction Simplification"(2) "df-rules-formulas[3]"
6181                "≡E"(3) "raa-cor:1" "→E")
6182  next AOT_show ¬𝒜([O!]a & ¬[E!]a)
6183      using "Act-Basic:2" "&E"(1) "≡E"(1) not_act_ord_a "raa-cor:3" by blast
6184  next AOT_have ¬([O!]a & ¬[E!]a)
6185      by (metis "KBasic2:3" "&E"(1) "≡E"(4) not_act_ord_a "oa-facts:3" "oa-facts:7" "raa-cor:3" "vdash-properties:10")
6186    AOT_thus ¬Δ([O!]a & ¬[E!]a)
6187      by (rule impossible_delta)
6188  qed(auto simp: "beta-C-meta"[THEN "→E", OF 1])
6189  ultimately AOT_obtain F8 where 𝒜[F8]b & ¬Δ[F8]b & ¬𝒜[F8]a & ¬Δ[F8]a
6190    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
6191  AOT_hence 𝒜[F8]b and ¬Δ[F8]b and ¬𝒜[F8]a and ¬Δ[F8]a
6192    using "&E" by blast+
6193  note props = props this
6194
6195  (* TODO_PLM: binary property 9 wrong in PLM *)
6196  let  = "«y ¬[E!]y & ([O!]y  q0)]»"
6197  AOT_modally_strict {
6198    AOT_have [«»] by "cqt:2[lambda]"
6199  } note 1 = this
6200  moreover AOT_have 𝒜[«»]b & ¬Δ[«»]b & ¬𝒜[«»]a & Δ[«»]a
6201  proof(safe intro!: "&I"; AOT_subst y ¬E!y & (O!y  q0)]x ¬E!x & (O!x  q0) for: x)
6202    AOT_show 𝒜(¬[E!]b & ([O!]b  q0))
6203      by (metis "Act-Basic:1" "Act-Basic:2" "Act-Basic:9" act_ord_b "&I" "∨I"(1)
6204                "∨E"(2) "≡E"(3) not_act_concrete_b "raa-cor:1")
6205  next AOT_show ¬Δ(¬[E!]b & ([O!]b  q0))
6206    proof (rule act_and_pos_not_not_delta)
6207      AOT_show 𝒜(¬[E!]b & ([O!]b  q0))
6208        by (metis "Act-Basic:1" "Act-Basic:2" "Act-Basic:9" act_ord_b "&I" "∨I"(1)
6209                  "∨E"(2) "≡E"(3) not_act_concrete_b "raa-cor:1")
6210    next
6211      AOT_show ¬(¬[E!]b & ([O!]b  q0))
6212      proof (AOT_subst ¬(¬[E!]b & ([O!]b  q0)) [E!]b  ¬([O!]b  q0))
6213        AOT_modally_strict {
6214          AOT_show ¬(¬[E!]b & ([O!]b  q0))  [E!]b  ¬([O!]b  q0)
6215            by (metis "&I" "&E"(1) "&E"(2) "∨I"(1) "∨I"(2) "∨E"(2) "deduction-theorem" "≡I" "reductio-aa:1")
6216        }
6217      next
6218        AOT_show ([E!]b  ¬([O!]b  q0))
6219          using "KBasic2:2" b_prop "&E"(1) "∨I"(1) "≡E"(3) "raa-cor:3" by blast
6220       qed
6221     qed
6222   next
6223     AOT_show ¬𝒜(¬[E!]a & ([O!]a  q0))
6224       using "Act-Basic:2" "Act-Basic:9" "&E"(2) "∨E"(3) "≡E"(1) not_act_ord_a not_act_q_zero "reductio-aa:2" by blast
6225   next
6226     AOT_show Δ(¬[E!]a & ([O!]a  q0))
6227     proof (rule not_act_and_pos_delta)
6228       AOT_show ¬𝒜(¬[E!]a & ([O!]a  q0))
6229         by (metis "Act-Basic:2" "Act-Basic:9" "&E"(2) "∨E"(3) "≡E"(1) not_act_ord_a not_act_q_zero "reductio-aa:2")
6230     next
6231       AOT_have ¬[E!]a
6232         using "KBasic2:1" "≡E"(2) not_act_and_pos_delta not_act_concrete_a not_delta_concrete_a "raa-cor:5" by blast
6233       moreover AOT_have ([O!]a  q0)
6234         by (metis "KBasic2:2" "&E"(1) "∨I"(2) "≡E"(3) q0_prop "raa-cor:3")
6235       ultimately AOT_show (¬[E!]a & ([O!]a  q0))
6236         by (metis "KBasic:16" "&I" "vdash-properties:10")
6237     qed
6238   qed(auto simp:  "beta-C-meta"[THEN "→E", OF 1])
6239  ultimately AOT_obtain F9 where 𝒜[F9]b & ¬Δ[F9]b & ¬𝒜[F9]a & Δ[F9]a
6240    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
6241  AOT_hence 𝒜[F9]b and ¬Δ[F9]b and ¬𝒜[F9]a and Δ[F9]a
6242    using "&E" by blast+
6243  note props = props this
6244
6245  AOT_modally_strict {
6246    AOT_have y ¬q0] by "cqt:2[lambda]"
6247  } note 1 = this
6248  moreover AOT_have 𝒜y ¬q0]b & ¬Δy ¬q0]b & 𝒜y ¬q0]a & ¬Δy ¬q0]a
6249    by (safe intro!: "&I"; AOT_subst y ¬q0]x ¬q0 for: x)
6250       (auto simp: act_not_q_zero not_delta_not_q_zero "beta-C-meta"[THEN "→E", OF 1])
6251  ultimately AOT_obtain F10 where 𝒜[F10]b & ¬Δ[F10]b & 𝒜[F10]a & ¬Δ[F10]a
6252    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
6253  AOT_hence 𝒜[F10]b and ¬Δ[F10]b and 𝒜[F10]a and ¬Δ[F10]a
6254    using "&E" by blast+
6255  note props = props this
6256
6257  AOT_modally_strict {
6258    AOT_have y ¬[E!]y] by "cqt:2[lambda]"
6259  } note 1 = this
6260  moreover AOT_have 𝒜y ¬[E!]y]b & ¬Δy ¬[E!]y]b & 𝒜y ¬[E!]y]a & Δy ¬[E!]y]a
6261  proof (safe intro!: "&I"; AOT_subst y ¬[E!]y]x ¬[E!]x for: x)
6262    AOT_show 𝒜¬[E!]b
6263      using "Act-Basic:1" "∨E"(2) not_act_concrete_b by blast
6264  next AOT_show ¬Δ¬[E!]b
6265      using "≡dfE" "conventions:5" "Act-Basic:1" act_and_not_nec_not_delta b_prop "&E"(1) "∨E"(2) not_act_concrete_b by blast
6266  next AOT_show 𝒜¬[E!]a
6267      using "Act-Basic:1" "∨E"(2) not_act_concrete_a by blast
6268  next AOT_show Δ¬[E!]a
6269      using "KBasic2:1" "≡E"(2) nec_delta not_act_and_pos_delta not_act_concrete_a not_delta_concrete_a "reductio-aa:1" by blast
6270  qed(auto simp: "beta-C-meta"[THEN "→E", OF 1])
6271  ultimately AOT_obtain F11 where 𝒜[F11]b & ¬Δ[F11]b & 𝒜[F11]a & Δ[F11]a
6272    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
6273  AOT_hence 𝒜[F11]b and ¬Δ[F11]b and 𝒜[F11]a and Δ[F11]a
6274    using "&E" by blast+
6275  note props = props this
6276
6277  AOT_have 𝒜[O!]b & Δ[O!]b & ¬𝒜[O!]a & ¬Δ[O!]a
6278    by (simp add: act_ord_b "&I" delta_ord_b not_act_ord_a not_delta_ord_a)
6279  then AOT_obtain F12 where 𝒜[F12]b & Δ[F12]b & ¬𝒜[F12]a & ¬Δ[F12]a
6280    using "oa-exist:1" "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
6281  AOT_hence 𝒜[F12]b and Δ[F12]b and ¬𝒜[F12]a and ¬Δ[F12]a
6282    using "&E" by blast+
6283  note props = props this
6284
6285  let  = "«y [O!]y  q0]»"
6286  AOT_modally_strict {
6287    AOT_have [«»] by "cqt:2[lambda]"
6288  } note 1 = this
6289  moreover AOT_have 𝒜[«»]b & Δ[«»]b & ¬𝒜[«»]a & Δ[«»]a
6290  proof (safe intro!: "&I"; AOT_subst y O!y  q0]x O!x  q0 for: x)
6291    AOT_show 𝒜([O!]b  q0)
6292      by (meson "Act-Basic:9" act_ord_b "∨I"(1) "≡E"(2))
6293  next AOT_show Δ([O!]b  q0)
6294      by (meson "KBasic:15" b_ord "∨I"(1) nec_delta "oa-facts:1" "vdash-properties:10")
6295  next AOT_show ¬𝒜([O!]a  q0)
6296      using "Act-Basic:9" "∨E"(2) "≡E"(4) not_act_ord_a not_act_q_zero "raa-cor:3" by blast
6297  next AOT_show Δ([O!]a  q0)
6298    proof (rule not_act_and_pos_delta)
6299      AOT_show ¬𝒜([O!]a  q0)
6300        using "Act-Basic:9" "∨E"(2) "≡E"(4) not_act_ord_a not_act_q_zero "raa-cor:3" by blast
6301    next AOT_show ([O!]a  q0)
6302        using "KBasic2:2" "&E"(1) "∨I"(2) "≡E"(2) q0_prop by blast
6303    qed
6304  qed(auto simp: "beta-C-meta"[THEN "→E", OF 1])
6305  ultimately AOT_obtain F13 where 𝒜[F13]b & Δ[F13]b & ¬𝒜[F13]a & Δ[F13]a
6306    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
6307  AOT_hence 𝒜[F13]b and Δ[F13]b and ¬𝒜[F13]a and Δ[F13]a
6308    using "&E" by blast+
6309  note props = props this
6310
6311  let  = "«y [O!]y  ¬q0]»"
6312  AOT_modally_strict {
6313     AOT_have [«»] by "cqt:2[lambda]"
6314  } note 1 = this
6315  moreover AOT_have 𝒜[«»]b & Δ[«»]b & 𝒜[«»]a & ¬Δ[«»]a
6316  proof (safe intro!: "&I"; AOT_subst y O!y  ¬q0]x O!x  ¬q0 for: x)
6317    AOT_show 𝒜([O!]b  ¬q0)
6318      by (meson "Act-Basic:9" act_not_q_zero "∨I"(2) "≡E"(2))
6319  next AOT_show Δ([O!]b  ¬q0)
6320      by (meson "KBasic:15" b_ord "∨I"(1) nec_delta "oa-facts:1" "vdash-properties:10")
6321  next AOT_show 𝒜([O!]a  ¬q0)
6322      by (meson "Act-Basic:9" act_not_q_zero "∨I"(2) "≡E"(2))
6323  next AOT_show ¬Δ([O!]a  ¬q0)
6324    proof(rule act_and_pos_not_not_delta)
6325      AOT_show 𝒜([O!]a  ¬q0)
6326        by (meson "Act-Basic:9" act_not_q_zero "∨I"(2) "≡E"(2))
6327    next
6328      AOT_have ¬[O!]a
6329        using "KBasic2:1" "≡E"(2) not_act_and_pos_delta not_act_ord_a not_delta_ord_a "raa-cor:6" by blast
6330      moreover AOT_have q0
6331        by (meson "&E"(1) q0_prop)
6332      ultimately AOT_have 2: (¬[O!]a & q0)
6333         by (metis "KBasic:16" "&I" "vdash-properties:10")
6334      AOT_show ¬([O!]a  ¬q0)
6335      proof (AOT_subst (reverse) ¬([O!]a  ¬q0) ¬[O!]a & q0)
6336        AOT_modally_strict {
6337          AOT_show ¬[O!]a & q0  ¬([O!]a  ¬q0)
6338            by (metis "&I" "&E"(1) "&E"(2) "∨I"(1) "∨I"(2)
6339                      "∨E"(3) "deduction-theorem" "≡I" "raa-cor:3")
6340        }
6341      next
6342        AOT_show (¬[O!]a & q0)
6343          using "2" by blast
6344      qed
6345    qed
6346  qed(auto simp: "beta-C-meta"[THEN "→E", OF 1])
6347  ultimately AOT_obtain F14 where 𝒜[F14]b & Δ[F14]b & 𝒜[F14]a & ¬Δ[F14]a
6348    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
6349  AOT_hence 𝒜[F14]b and Δ[F14]b and 𝒜[F14]a and ¬Δ[F14]a
6350    using "&E" by blast+
6351  note props = props this
6352
6353  AOT_have [L]
6354    by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
6355  moreover AOT_have 𝒜[L]b & Δ[L]b & 𝒜[L]a & Δ[L]a
6356  proof (safe intro!: "&I")
6357    AOT_show 𝒜[L]b
6358      by (meson nec_L "nec-imp-act" "vdash-properties:10")
6359    next AOT_show Δ[L]b using nec_L nec_delta by blast
6360    next AOT_show 𝒜[L]a by (meson nec_L "nec-imp-act" "vdash-properties:10")
6361    next AOT_show Δ[L]a using nec_L nec_delta by blast
6362  qed
6363  ultimately AOT_obtain F15 where 𝒜[F15]b & Δ[F15]b & 𝒜[F15]a & Δ[F15]a
6364    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
6365  AOT_hence 𝒜[F15]b and Δ[F15]b and 𝒜[F15]a and Δ[F15]a
6366    using "&E" by blast+
6367  note props = props this
6368
6369  show ?thesis
6370    by (rule "∃I"(2)[where β=F0]; rule "∃I"(2)[where β=F1]; rule "∃I"(2)[where β=F2];
6371           rule "∃I"(2)[where β=F3]; rule "∃I"(2)[where β=F4]; rule "∃I"(2)[where β=F5];
6372           rule "∃I"(2)[where β=F6]; rule "∃I"(2)[where β=F7]; rule "∃I"(2)[where β=F8];
6373           rule "∃I"(2)[where β=F9]; rule "∃I"(2)[where β=F10]; rule "∃I"(2)[where β=F11];
6374           rule "∃I"(2)[where β=F12]; rule "∃I"(2)[where β=F13]; rule "∃I"(2)[where β=F14];
6375           rule "∃I"(2)[where β=F15]; safe intro!: "&I")
6376       (match conclusion in "[?v  [F]  [G]]" for F G  6377        match props in A: "[?v  ¬φ{F}]" for φ 6378        match (φ) in "λa . ?p" fail¦ "λa . a" fail¦ _ 6379        match props in B: "[?v  φ{G}]" 6380        fact "pos-not-equiv-ne:4"[where F=F and G=G and φ=φ, THEN "→E",
6381                                OF "oth-class-taut:4:h"[THEN "≡E"(2)],
6382                                OF "Disjunction Addition"(2)[THEN "→E"],
6383                                OF "&I", OF A, OF B]››››)+
6384qed
6385
6386subsection‹The Theory of Objects›
6387text‹\label{PLM: 9.11}›
6388
6389AOT_theorem "o-objects-exist:1": x O!x
6390proof(rule RN)
6391  AOT_modally_strict {
6392    AOT_obtain a where (E!a & ¬𝒜[E!]a)
6393      using "∃E"[rotated, OF "qml:4"[axiom_inst, THEN "BF◇"[THEN "→E"]]] by blast
6394    AOT_hence 1: E!a by (metis "KBasic2:3" "&E"(1) "→E")
6395    AOT_have x [E!]x]a
6396    proof (rule "β←C"(1); "cqt:2[lambda]"?)
6397      AOT_show a using "cqt:2[const_var]"[axiom_inst] by blast
6398    next
6399      AOT_show E!a by (fact 1)
6400    qed
6401    AOT_hence O!a by (rule "=dfI"(2)[OF AOT_ordinary, rotated]) "cqt:2[lambda]"
6402    AOT_thus x [O!]x by (rule "∃I")
6403  }
6404qed
6405
6406AOT_theorem "o-objects-exist:2": x A!x
6407proof (rule RN)
6408  AOT_modally_strict {
6409    AOT_obtain a where [A!]a
6410      using "A-objects"[axiom_inst] "∃E"[rotated] "&E" by blast
6411    AOT_thus x A!x using "∃I" by blast
6412  }
6413qed
6414
6415AOT_theorem "o-objects-exist:3": ¬x O!x
6416  by (rule RN) (metis (no_types, hide_lams) "∃E" "cqt-orig:1[const_var]" "≡E"(4) "modus-tollens:1" "o-objects-exist:2" "oa-contingent:2" "qml:2"[axiom_inst] "reductio-aa:2")
6417
6418AOT_theorem "o-objects-exist:4": ¬x A!x
6419  by (rule RN) (metis (mono_tags, hide_lams) "∃E" "cqt-orig:1[const_var]" "≡E"(1) "modus-tollens:1" "o-objects-exist:1" "oa-contingent:2" "qml:2"[axiom_inst] "→E")
6420
6421AOT_theorem "o-objects-exist:5": ¬x E!x
6422proof (rule RN; rule "raa-cor:2")
6423  AOT_modally_strict {
6424    AOT_assume x E!x
6425    moreover AOT_obtain a where abs: A!a
6426      using "o-objects-exist:2"[THEN "qml:2"[axiom_inst, THEN "→E"]] "∃E"[rotated] by blast
6427    ultimately AOT_have E!a using "∀E" by blast
6428    AOT_hence 1: E!a by (metis "T◇" "→E")
6429    AOT_have y E!y]a
6430    proof (rule "β←C"(1); "cqt:2[lambda]"?)
6431      AOT_show a using "cqt:2[const_var]"[axiom_inst].
6432    next
6433      AOT_show E!a by (fact 1)
6434    qed
6435    AOT_hence O!a
6436      by (rule "=dfI"(2)[OF AOT_ordinary, rotated]) "cqt:2[lambda]"
6437    AOT_hence ¬A!a by (metis "≡E"(1) "oa-contingent:2") 
6438    AOT_thus p & ¬p for p using abs by (metis "raa-cor:3")
6439  }
6440qed
6441
6442AOT_theorem partition: ¬x (O!x & A!x)
6443proof(rule "raa-cor:2")
6444  AOT_assume x (O!x & A!x)
6445  then AOT_obtain a where O!a & A!a using "∃E"[rotated] by blast
6446  AOT_thus p & ¬p for p by (metis "&E"(1) "Conjunction Simplification"(2) "≡E"(1) "modus-tollens:1" "oa-contingent:2" "raa-cor:3")
6447qed
6448
6449AOT_define eq_E :: ‹Π› ("'(=E')") "=E": (=E) =df xy O!x & O!y & F ([F]x  [F]y)]
6450
6451syntax "_AOT_eq_E_infix" :: ‹τ  τ  φ› (infixl "=E" 50)
6452translations
6453  "_AOT_eq_E_infix κ κ'" == "CONST AOT_exe (CONST eq_E) (CONST Pair κ κ')"
6454(* TODO: try to replace by a simple translations pattern *)
6455print_translation6456AOT_syntax_print_translations
6457[(const_syntax‹AOT_exe›, fn ctxt => fn [
6458  Const ("constAOT_PLM.eq_E", _),
6459  Const (const_syntax‹Pair›, _) $ lhs $ rhs
6460] => Const (syntax_const‹_AOT_eq_E_infix›, dummyT) $ lhs $ rhs)]
6461
6462text‹Note: Not explicitly mentioned as theorem in PLM.›
6463AOT_theorem "=E[denotes]": [(=E)]
6464  by (rule "=dfI"(2)[OF "=E"]) "cqt:2[lambda]"+
6465
6466AOT_theorem "=E-simple:1": x =E y  (O!x & O!y & F ([F]x  [F]y))
6467proof -
6468  (* TODO: rethink the product hacks *)
6469  AOT_have 0: «(AOT_term_of_var x,AOT_term_of_var y)»
6470    by (simp add: "&I" "cqt:2[const_var]" prod_denotesI "vdash-properties:1[2]")
6471  AOT_have 1: xy [O!]x & [O!]y & F ([F]x  [F]y)] by "cqt:2[lambda]"
6472  show ?thesis apply (rule "=dfI"(2)[OF "=E"]; "cqt:2[lambda]"?)
6473    using "beta-C-meta"[THEN "→E", OF 1, unvarify ν1νn, of "(AOT_term_of_var x,AOT_term_of_var y)", OF 0]
6474    by fast
6475qed
6476
6477AOT_theorem "=E-simple:2": x =E y  x = y
6478proof (rule "→I")
6479  AOT_assume x =E y
6480  AOT_hence O!x & O!y & F ([F]x  [F]y) using "=E-simple:1"[THEN "≡E"(1)] by blast
6481  AOT_thus x = y
6482    using "≡dfI"[OF "identity:1"] "∨I" by blast
6483qed
6484
6485AOT_theorem "id-nec3:1": x =E y  (x =E y)
6486proof (rule "≡I"; rule "→I")
6487  AOT_assume x =E y
6488  AOT_hence O!x & O!y & F ([F]x  [F]y)
6489    using "=E-simple:1" "≡E" by blast
6490  AOT_hence O!x & O!y & F ([F]x  [F]y)
6491    by (metis "S5Basic:6" "&I" "&E"(1) "&E"(2) "≡E"(4) "oa-facts:1" "raa-cor:3" "vdash-properties:10")
6492  AOT_hence (O!x & O!y & F ([F]x  [F]y))
6493    by (metis "&E"(1) "&E"(2) "≡E"(2) "KBasic:3" "&I")
6494  AOT_thus (x =E y)
6495    using "=E-simple:1"
6496    by (AOT_subst x =E y O!x & O!y & F ([F]x  [F]y)) auto
6497next
6498  AOT_assume (x =E y)
6499  AOT_thus x =E y using "qml:2"[axiom_inst, THEN "→E"] by blast
6500qed
6501
6502AOT_theorem "id-nec3:2": (x =E y)  x =E y
6503  by (meson "RE◇" "S5Basic:2" "id-nec3:1" "≡E"(1) "≡E"(5) "Commutativity of ≡")
6504
6505AOT_theorem "id-nec3:3": (x =E y)  (x =E y)
6506  by (meson "id-nec3:1" "id-nec3:2" "≡E"(5))
6507
6508syntax "_AOT_non_eq_E" :: ‹Π› ("'(≠E')")
6509translations
6510  (Π) "(≠E)" == (Π) "(=E)-"
6511syntax "_AOT_non_eq_E_infix" :: ‹τ  τ  φ› (infixl "E" 50)
6512translations
6513 "_AOT_non_eq_E_infix κ κ'" == "CONST AOT_exe (CONST relation_negation (CONST eq_E)) (CONST Pair κ κ')"
6514(* TODO: try replacing be a simple translations pattern *)
6515print_translation6516AOT_syntax_print_translations
6517[(const_syntax‹AOT_exe›, fn ctxt => fn [
6518  Const (const_syntax‹relation_negation›, _) $ Const ("constAOT_PLM.eq_E", _),
6519  Const (const_syntax‹Pair›, _) $ lhs $ rhs
6520] => Const (syntax_const‹_AOT_non_eq_E_infix›, dummyT) $ lhs $ rhs)]
6521AOT_theorem "thm-neg=E": x E y  ¬(x =E y)
6522proof -
6523  (* TODO: rethink the product hacks *)
6524  AOT_have 0: «(AOT_term_of_var x,AOT_term_of_var y)»
6525    by (simp add: "&I" "cqt:2[const_var]" prod_denotesI "vdash-properties:1[2]")
6526  AOT_have θ: x1...x2 ¬(=E)x1...x2] by "cqt:2[lambda]" (* TODO_PLM: convoluted proof in PLM; TODO: product hack *)
6527  AOT_have x E y  x1...x2 ¬(=E)x1...x2]xy
6528    by (rule "=dfI"(1)[OF "df-relation-negation", OF θ])
6529       (meson "oth-class-taut:3:a")
6530  also AOT_have   ¬(=E)xy
6531    apply (rule "beta-C-meta"[THEN "→E", unvarify ν1νn])
6532     apply "cqt:2[lambda]"
6533    by (fact 0)
6534  finally show ?thesis.
6535qed
6536
6537AOT_theorem "id-nec4:1": x E y  (x E y)
6538proof -
6539  AOT_have x E y  ¬(x =E y) using "thm-neg=E".
6540  also AOT_have   ¬(x =E y)
6541    by (meson "id-nec3:2" "≡E"(1) "Commutativity of ≡" "oth-class-taut:4:b")
6542  also AOT_have   ¬(x =E y)
6543    by (meson "KBasic2:1" "≡E"(2) "Commutativity of ≡")
6544  also AOT_have   (x E y)
6545    by (AOT_subst (reverse) ¬(x =E y) x E y)
6546       (auto simp: "thm-neg=E" "oth-class-taut:3:a")
6547  finally show ?thesis.
6548qed
6549
6550AOT_theorem "id-nec4:2": (x E y)  (x E y)
6551  by (meson "RE◇" "S5Basic:2" "id-nec4:1" "≡E"(2) "≡E"(5) "Commutativity of ≡")
6552
6553AOT_theorem "id-nec4:3": (x E y)  (x E y)
6554  by (meson "id-nec4:1" "id-nec4:2" "≡E"(5))
6555
6556AOT_theorem "id-act2:1": x =E y  𝒜x =E y
6557  by (meson "Act-Basic:5" "Act-Sub:2" "RA[2]" "id-nec3:2" "≡E"(1) "≡E"(6))
6558AOT_theorem "id-act2:2": x E y  𝒜x E y
6559  by (meson "Act-Basic:5" "Act-Sub:2" "RA[2]" "id-nec4:2" "≡E"(1) "≡E"(6))
6560
6561AOT_theorem "ord=Eequiv:1": O!x  x =E x
6562proof (rule "→I")
6563  AOT_assume 1: O!x
6564  AOT_show x =E x
6565    apply (rule "=dfI"(2)[OF "=E"]) apply "cqt:2[lambda]"
6566    apply (rule "β←C"(1))
6567      apply "cqt:2[lambda]"
6568     apply (simp add: "&I" "cqt:2[const_var]" prod_denotesI "vdash-properties:1[2]")
6569    by (simp add: "1" RN "&I" "oth-class-taut:3:a" "universal-cor")
6570qed
6571
6572AOT_theorem "ord=Eequiv:2": x =E y  y =E x
6573proof(rule CP)
6574  AOT_assume 1: x =E y
6575  AOT_hence 2: x = y by (metis "=E-simple:2" "vdash-properties:10") 
6576  AOT_have O!x using 1 by (meson "&E"(1) "=E-simple:1" "≡E"(1))
6577  AOT_hence x =E x using "ord=Eequiv:1" "→E" by blast
6578  AOT_thus y =E x using "rule=E"[rotated, OF 2] by fast
6579qed
6580
6581AOT_theorem "ord=Eequiv:3": (x =E y & y =E z)  x =E z
6582proof (rule CP)
6583  AOT_assume 1: x =E y & y =E z
6584  AOT_hence x = y & y = z
6585    by (metis "&I" "&E"(1) "&E"(2) "=E-simple:2" "vdash-properties:6")
6586  AOT_hence x = z by (metis "id-eq:3" "vdash-properties:6")
6587  moreover AOT_have x =E x
6588    using 1[THEN "&E"(1)] "&E"(1) "=E-simple:1" "≡E"(1) "ord=Eequiv:1" "→E" by blast
6589  ultimately AOT_show x =E z
6590    using "rule=E" by fast
6591qed
6592
6593AOT_theorem "ord-=E=:1": (O!x  O!y)  (x = y  x =E y)
6594proof(rule CP)
6595  AOT_assume O!x  O!y
6596  moreover {
6597    AOT_assume O!x
6598    AOT_hence O!x by (metis "oa-facts:1" "vdash-properties:10")
6599    moreover {
6600      AOT_modally_strict {
6601        AOT_have O!x  (x = y  x =E y)
6602        proof (rule "→I"; rule "≡I"; rule "→I")
6603          AOT_assume O!x
6604          AOT_hence x =E x by (metis "ord=Eequiv:1" "→E")
6605          moreover AOT_assume x = y
6606          ultimately AOT_show x =E y using "rule=E" by fast
6607        next
6608          AOT_assume x =E y
6609          AOT_thus x = y by (metis "=E-simple:2" "→E")
6610        qed
6611      }
6612      AOT_hence O!x  (x = y  x =E y) by (metis "RM:1")
6613    }
6614    ultimately AOT_have (x = y  x =E y) using "→E" by blast
6615  }
6616  moreover {
6617    AOT_assume O!y
6618    AOT_hence O!y by (metis "oa-facts:1" "vdash-properties:10")
6619    moreover {
6620      AOT_modally_strict {
6621        AOT_have O!y  (x = y  x =E y)
6622        proof (rule "→I"; rule "≡I"; rule "→I")
6623          AOT_assume O!y
6624          AOT_hence y =E y by (metis "ord=Eequiv:1" "→E")
6625          moreover AOT_assume x = y
6626          ultimately AOT_show x =E y using "rule=E" id_sym by fast
6627        next
6628          AOT_assume x =E y
6629          AOT_thus x = y by (metis "=E-simple:2" "→E")
6630        qed
6631      }
6632      AOT_hence O!y  (x = y  x =E y) by (metis "RM:1")
6633    }
6634    ultimately AOT_have (x = y  x =E y) using "→E" by blast
6635  }
6636  ultimately AOT_show (x = y  x =E y) by (metis "∨E"(3) "raa-cor:1")
6637qed
6638
6639AOT_theorem "ord-=E=:2": O!y  x x = y]
6640proof (rule "→I"; rule "safe-ext"[axiom_inst, THEN "→E"]; rule "&I")
6641  AOT_show x x =E y] by "cqt:2[lambda]"
6642next
6643  AOT_assume O!y
6644  AOT_hence 1: (x = y  x =E y) for x using "ord-=E=:1" "→E" "∨I" by blast
6645  AOT_have (x =E y  x = y) for x
6646    by (AOT_subst x =E y  x = y x = y  x =E y)
6647       (auto simp add: "Commutativity of ≡" 1)
6648  AOT_hence x (x =E y  x = y) by (rule GEN)
6649  AOT_thus x (x =E y  x = y) by (rule BF[THEN "→E"])
6650qed
6651
6652
6653AOT_theorem "ord-=E=:3": xy O!x & O!y & x = y]
6654proof (rule "safe-ext[2]"[axiom_inst, THEN "→E"]; rule "&I")
6655  AOT_show xy O!x & O!y & x =E y] by "cqt:2[lambda]"
6656next
6657  AOT_show xy ([O!]x & [O!]y & x =E y  [O!]x & [O!]y & x = y)
6658  proof (rule RN; rule GEN; rule GEN; rule "≡I"; rule "→I")
6659    AOT_modally_strict {
6660      AOT_show [O!]x & [O!]y & x = y if [O!]x & [O!]y & x =E y for x y
6661        by (metis "&I" "&E"(1) "Conjunction Simplification"(2) "=E-simple:2"
6662                  "modus-tollens:1" "raa-cor:1" that)
6663    }
6664  next
6665    AOT_modally_strict {
6666      AOT_show [O!]x & [O!]y & x =E y if [O!]x & [O!]y & x = y for x y
6667        apply(safe intro!: "&I")
6668          apply (metis that[THEN "&E"(1), THEN "&E"(1)])
6669         apply (metis that[THEN "&E"(1), THEN "&E"(2)])
6670        using "rule=E"[rotated, OF that[THEN "&E"(2)]]
6671              "ord=Eequiv:1"[THEN "→E", OF that[THEN "&E"(1), THEN "&E"(1)]] by fast
6672    }
6673  qed
6674qed
6675
6676AOT_theorem "ind-nec": F ([F]x  [F]y)  F ([F]x  [F]y)
6677proof(rule "→I")
6678  AOT_assume F ([F]x  [F]y)
6679  moreover AOT_have x F ([F]x  [F]y)] by "cqt:2[lambda]"
6680  ultimately AOT_have x F ([F]x  [F]y)]x  x F ([F]x  [F]y)]y
6681    using "∀E" by blast
6682  moreover AOT_have x F ([F]x  [F]y)]y
6683    apply (rule "β←C"(1))
6684      apply "cqt:2[lambda]"
6685     apply (fact "cqt:2[const_var]"[axiom_inst])
6686    by (simp add: RN GEN "oth-class-taut:3:a")
6687  ultimately AOT_have x F ([F]x  [F]y)]x using "≡E" by blast
6688  AOT_thus F ([F]x  [F]y)
6689    using "β→C"(1) by blast
6690qed
6691
6692AOT_theorem "ord=E:1": (O!x & O!y)  (F ([F]x  [F]y)  x =E y)
6693proof (rule "→I"; rule "→I")
6694  AOT_assume F ([F]x  [F]y)
6695  AOT_hence F ([F]x  [F]y)
6696    using "ind-nec"[THEN "→E"] by blast
6697  moreover AOT_assume O!x & O!y
6698  ultimately AOT_have O!x & O!y & F ([F]x  [F]y)
6699    using "&I" by blast
6700  AOT_thus x =E y using "=E-simple:1"[THEN "≡E"(2)] by blast
6701qed
6702
6703AOT_theorem "ord=E:2": (O!x & O!y)  (F ([F]x  [F]y)  x = y)
6704proof (rule "→I"; rule "→I")
6705  AOT_assume O!x & O!y
6706  moreover AOT_assume F ([F]x  [F]y)
6707  ultimately AOT_have x =E y
6708    using "ord=E:1" "→E" by blast
6709  AOT_thus x = y using "=E-simple:2"[THEN "→E"] by blast
6710qed
6711
6712AOT_theorem "ord=E2:1": (O!x & O!y)  (x  y  z z =E x]  z z =E y])
6713proof (rule "→I"; rule "≡I"; rule "→I"; rule "≡dfI"[OF "=-infix"]; rule "raa-cor:2")
6714  AOT_assume 0: O!x & O!y
6715  AOT_assume x  y
6716  AOT_hence 1: ¬(x = y) using "≡dfE"[OF "=-infix"] by blast
6717  AOT_assume z z =E x] = z z =E y]
6718  moreover AOT_have z z =E x]x
6719    apply (rule "β←C"(1))
6720      apply "cqt:2[lambda]"
6721     apply (fact "cqt:2[const_var]"[axiom_inst])
6722    using "ord=Eequiv:1"[THEN "→E", OF 0[THEN "&E"(1)]].
6723  ultimately AOT_have z z =E y]x using "rule=E" by fast
6724  AOT_hence x =E y using "β→C"(1) by blast
6725  AOT_hence x = y by (metis "=E-simple:2" "vdash-properties:6")
6726  AOT_thus x = y & ¬(x = y) using 1 "&I" by blast
6727next
6728  AOT_assume z z =E x]  z z =E y]
6729  AOT_hence 0: ¬(z z =E x] = z z =E y]) using "≡dfE"[OF "=-infix"] by blast
6730  AOT_have z z =E x] by "cqt:2[lambda]"
6731  AOT_hence z z =E x] = z z =E x]
6732    by (metis "rule=I:1")
6733  moreover AOT_assume x = y
6734  ultimately AOT_have z z =E x] = z z =E y]
6735    using "rule=E" by fast
6736  AOT_thus z z =E x] = z z =E y] & ¬(z z =E x] = z z =E y])
6737    using 0 "&I" by blast
6738qed
6739
6740AOT_theorem "ord=E2:2": (O!x & O!y)  (x  y  z z = x]  z z = y])
6741proof (rule "→I"; rule "≡I"; rule "→I"; rule "≡dfI"[OF "=-infix"]; rule "raa-cor:2")
6742  AOT_assume 0: O!x & O!y
6743  AOT_assume x  y
6744  AOT_hence 1: ¬(x = y) using "≡dfE"[OF "=-infix"] by blast
6745  AOT_assume z z = x] = z z = y]
6746  moreover AOT_have z z = x]x
6747    apply (rule "β←C"(1))
6748    apply (fact "ord-=E=:2"[THEN "→E", OF 0[THEN "&E"(1)]])
6749     apply (fact "cqt:2[const_var]"[axiom_inst])
6750    by (simp add: "id-eq:1")
6751  ultimately AOT_have z z = y]x using "rule=E" by fast
6752  AOT_hence x = y using "β→C"(1) by blast
6753  AOT_thus x = y & ¬(x = y) using 1 "&I" by blast
6754next
6755  AOT_assume 0: O!x & O!y
6756  AOT_assume z z = x]  z z = y]
6757  AOT_hence 1: ¬(z z = x] = z z = y]) using "≡dfE"[OF "=-infix"] by blast
6758  AOT_have z z = x] by (fact "ord-=E=:2"[THEN "→E", OF 0[THEN "&E"(1)]])
6759  AOT_hence z z = x] = z z = x]
6760    by (metis "rule=I:1")
6761  moreover AOT_assume x = y
6762  ultimately AOT_have z z = x] = z z = y]
6763    using "rule=E" by fast
6764  AOT_thus z z = x] = z z = y] & ¬(z z = x] = z z = y])
6765    using 1 "&I" by blast
6766qed
6767
6768AOT_theorem ordnecfail: O!x  ¬F x[F]
6769  by (meson "RM:1" "deduction-theorem" nocoder "oa-facts:1" "vdash-properties:10" "vdash-properties:1[2]")
6770
6771AOT_theorem "ab-obey:1": (A!x & A!y)  (F (x[F]  y[F])  x = y)
6772proof (rule "→I"; rule "→I")
6773  AOT_assume 1: A!x & A!y
6774  AOT_assume F (x[F]  y[F])
6775  AOT_hence x[F]  y[F] for F using "∀E" by blast
6776  AOT_hence (x[F]  y[F]) for F by (metis "en-eq:6[1]" "≡E"(1))
6777  AOT_hence F (x[F]  y[F]) by (rule GEN)
6778  AOT_hence F (x[F]  y[F]) by (rule BF[THEN "→E"])
6779  AOT_thus x = y
6780    using "≡dfI"[OF "identity:1", OF "∨I"(2)] 1 "&I" by blast
6781qed
6782
6783AOT_theorem "ab-obey:2": (F (x[F] & ¬y[F])  F (y[F] & ¬x[F]))  x  y
6784proof (rule "→I"; rule "≡dfI"[OF "=-infix"]; rule "raa-cor:2")
6785  AOT_assume 1: x = y
6786  AOT_assume F (x[F] & ¬y[F])  F (y[F] & ¬x[F])
6787  moreover {
6788    AOT_assume F (x[F] & ¬y[F])
6789    then AOT_obtain F where x[F] & ¬y[F] using "∃E"[rotated] by blast
6790    moreover AOT_have y[F] using calculation[THEN "&E"(1)] 1 "rule=E" by fast
6791    ultimately AOT_have p & ¬p for p by (metis "Conjunction Simplification"(2) "modus-tollens:2" "raa-cor:3")
6792  }
6793  moreover {
6794    AOT_assume F (y[F] & ¬x[F])
6795    then AOT_obtain F where y[F] & ¬x[F] using "∃E"[rotated] by blast
6796    moreover AOT_have ¬y[F] using calculation[THEN "&E"(2)] 1 "rule=E" by fast
6797    ultimately AOT_have p & ¬p for p by (metis "Conjunction Simplification"(1) "modus-tollens:1" "raa-cor:3")
6798  }
6799  ultimately AOT_show p & ¬p for p by (metis "∨E"(3) "raa-cor:1")
6800qed
6801
6802AOT_theorem "encoders-are-abstract": F x[F]  A!x
6803  by (meson "deduction-theorem" "≡E"(2) "modus-tollens:2" nocoder
6804            "oa-contingent:3" "vdash-properties:1[2]")
6805
6806AOT_theorem "denote=:1": Hx x[H]
6807  by (rule GEN; rule "existence:2[1]"[THEN "≡dfE"]; fact "cqt:2[const_var]"[axiom_inst])
6808
6809AOT_theorem "denote=:2": Gx1...∃xn x1...xn[H]
6810  by (rule GEN; rule "existence:2"[THEN "≡dfE"]; fact "cqt:2[const_var]"[axiom_inst])
6811
6812AOT_theorem "denote=:2[2]": Gx1x2 x1x2[H]
6813  by (rule GEN; rule "existence:2[2]"[THEN "≡dfE"]; fact "cqt:2[const_var]"[axiom_inst])
6814
6815AOT_theorem "denote=:2[3]": Gx1x2x3 x1x2x3[H]
6816  by (rule GEN; rule "existence:2[3]"[THEN "≡dfE"]; fact "cqt:2[const_var]"[axiom_inst])
6817
6818AOT_theorem "denote=:2[4]": Gx1x2x3x4 x1x2x3x4[H]
6819  by (rule GEN; rule "existence:2[4]"[THEN "≡dfE"]; fact "cqt:2[const_var]"[axiom_inst])
6820
6821AOT_theorem "denote=:3": x x[Π]  H (H = Π)
6822  using "existence:2[1]" "free-thms:1" "≡E"(2) "≡E"(5) "Commutativity of ≡" "≡Df" by blast
6823
6824AOT_theorem "denote=:4": (x1...∃xn x1...xn[Π])  H (H = Π)
6825  using "existence:2" "free-thms:1" "≡E"(6) "≡Df" by blast
6826
6827AOT_theorem "denote=:4[2]": (x1x2 x1x2[Π])  H (H = Π)
6828  using "existence:2[2]" "free-thms:1" "≡E"(6) "≡Df" by blast
6829
6830AOT_theorem "denote=:4[3]": (x1x2x3 x1x2x3[Π])  H (H = Π)
6831  using "existence:2[3]" "free-thms:1" "≡E"(6) "≡Df" by blast
6832
6833AOT_theorem "denote=:4[4]": (x1x2x3x4 x1x2x3x4[Π])  H (H = Π)
6834  using "existence:2[4]" "free-thms:1" "≡E"(6) "≡Df" by blast
6835
6836AOT_theorem "A-objects!": ∃!x (A!x & F (x[F]  φ{F}))
6837proof (rule "uniqueness:1"[THEN "≡dfI"])
6838  AOT_obtain a where a_prop: A!a & F (a[F]  φ{F})
6839    using "A-objects"[axiom_inst] "∃E"[rotated] by blast
6840  AOT_have (A!β & F (β[F]  φ{F}))  β = a for β
6841  proof (rule "→I")
6842    AOT_assume β_prop: [A!]β & F (β[F]  φ{F})
6843    AOT_hence β[F]  φ{F} for F using "∀E" "&E" by blast
6844    AOT_hence β[F]  a[F] for F
6845      using a_prop[THEN "&E"(2)] "∀E" "≡E"(2) "≡E"(5) "Commutativity of ≡" by fast
6846    AOT_hence F (β[F]  a[F]) by (rule GEN)
6847    AOT_thus β = a
6848      using "ab-obey:1"[THEN "→E", OF "&I"[OF β_prop[THEN "&E"(1)], OF a_prop[THEN "&E"(1)]], THEN "→E"] by blast
6849  qed
6850  AOT_hence β ((A!β & F (β[F]  φ{F}))  β = a) by (rule GEN)
6851  AOT_thus α ([A!]α & F (α[F]  φ{F}) & β ([A!]β & F (β[F]  φ{F})  β = α))
6852    using "∃I" using a_prop "&I" by fast
6853qed
6854
6855AOT_theorem "obj-oth:1": ∃!x (A!x & F (x[F]  [F]y))
6856  using "A-objects!" by fast
6857
6858AOT_theorem "obj-oth:2": ∃!x (A!x & F (x[F]  [F]y & [F]z))
6859  using "A-objects!" by fast
6860
6861AOT_theorem "obj-oth:3": ∃!x (A!x & F (x[F]  [F]y  [F]z))
6862  using "A-objects!" by fast
6863
6864AOT_theorem "obj-oth:4": ∃!x (A!x & F (x[F]  [F]y))
6865  using "A-objects!" by fast
6866
6867AOT_theorem "obj-oth:5": ∃!x (A!x & F (x[F]  F = G))
6868  using "A-objects!" by fast
6869
6870AOT_theorem "obj-oth:6": ∃!x (A!x & F (x[F]  y([G]y  [F]y)))
6871  using "A-objects!" by fast
6872
6873AOT_theorem "A-descriptions": ιx (A!x & F (x[F]  φ{F}))
6874  by (rule "A-Exists:2"[THEN "≡E"(2)]; rule "RA[2]"; rule "A-objects!")
6875
6876AOT_act_theorem "thm-can-terms2": y = ιx(A!x & F (x[F]  φ{F}))  (A!y & F (y[F]  φ{F}))
6877  using "y-in:2" by blast
6878
6879AOT_theorem "can-ab2": y = ιx(A!x & F (x[F]  φ{F}))   A!y
6880proof(rule "→I")
6881  AOT_assume y = ιx(A!x & F (x[F]  φ{F}))
6882  AOT_hence 𝒜(A!y & F (y[F]  φ{F}))
6883    using "actual-desc:2"[THEN "→E"] by blast
6884  AOT_hence 𝒜A!y by (metis "Act-Basic:2" "&E"(1) "≡E"(1))
6885  AOT_thus A!y by (metis "≡E"(2) "oa-facts:8")
6886qed
6887
6888AOT_act_theorem "desc-encode:1": ιx(A!x & F (x[F]  φ{F}))[F]  φ{F}
6889proof -
6890  AOT_have ιx(A!x & F (x[F]  φ{F}))
6891    by (simp add: "A-descriptions")
6892  AOT_hence A!ιx(A!x & F (x[F]  φ{F})) & F (ιx(A!x & F (x[F]  φ{F}))[F]  φ{F})
6893    using "y-in:3"[THEN "→E"] by blast
6894  AOT_thus ιx(A!x & F (x[F]  φ{F}))[F]  φ{F}
6895    using "&E" "∀E" by blast
6896qed
6897
6898AOT_act_theorem "desc-encode:2": ιx(A!x & F (x[F]  φ{F}))[G]  φ{G}
6899  using "desc-encode:1".
6900
6901AOT_theorem "desc-nec-encode:1": ιx (A!x & F (x[F]  φ{F}))[F]  𝒜φ{F}
6902proof -
6903  AOT_have 0: ιx(A!x & F (x[F]  φ{F}))
6904    by (simp add: "A-descriptions")
6905  AOT_hence 𝒜(A!ιx(A!x & F (x[F]  φ{F})) & F (ιx(A!x & F (x[F]  φ{F}))[F]  φ{F}))
6906    using "actual-desc:4"[THEN "→E"] by blast
6907  AOT_hence 𝒜F (ιx(A!x & F (x[F]  φ{F}))[F]  φ{F})
6908    using "Act-Basic:2" "&E"(2) "≡E"(1) by blast
6909  AOT_hence F 𝒜(ιx(A!x & F (x[F]  φ{F}))[F]  φ{F})
6910    using "≡E"(1) "logic-actual-nec:3" "vdash-properties:1[2]" by blast
6911  AOT_hence 𝒜(ιx(A!x & F (x[F]  φ{F}))[F]  φ{F})
6912    using "∀E" by blast
6913  AOT_hence 𝒜ιx(A!x & F (x[F]  φ{F}))[F]  𝒜φ{F}
6914    using "Act-Basic:5" "≡E"(1) by blast
6915  AOT_thus ιx(A!x & F (x[F]  φ{F}))[F]  𝒜φ{F}
6916    using "en-eq:10[1]"[unvarify x1, OF 0] "≡E"(6) by blast
6917qed
6918
6919AOT_theorem "desc-nec-encode:2": ιx (A!x & F (x[F]  φ{F}))[G]  𝒜φ{G}
6920  using "desc-nec-encode:1".
6921
6922AOT_theorem "Box-desc-encode:1": φ{G}  ιx(A!x & F (x[F]  φ{G}))[G]
6923  by (rule "→I"; rule "desc-nec-encode:2"[THEN "≡E"(2)])
6924     (meson "nec-imp-act" "vdash-properties:10")
6925
6926AOT_theorem "Box-desc-encode:2": φ{G}  (ιx(A!x & F (x[F]  φ{G}))[G]  φ{G})
6927proof(rule CP)
6928  AOT_assume φ{G}
6929  AOT_hence φ{G} by (metis "S5Basic:6" "≡E"(1))
6930  moreover AOT_have φ{G}  (ιx(A!x & F (x[F]  φ{G}))[G]  φ{G})
6931  proof (rule RM; rule "→I")
6932    AOT_modally_strict {
6933      AOT_assume 1: φ{G}
6934      AOT_hence ιx(A!x & F (x[F]  φ{G}))[G] using "Box-desc-encode:1" "→E" by blast
6935      moreover AOT_have φ{G} using 1 by (meson "qml:2" "vdash-properties:10" "vdash-properties:1[2]")
6936      ultimately AOT_show ιx(A!x & F (x[F]  φ{G}))[G]  φ{G}
6937        using "deduction-theorem" "≡I" by simp
6938    }
6939  qed
6940  ultimately AOT_show (ιx(A!x & F (x[F]  φ{G}))[G]  φ{G}) using "→E" by blast
6941qed
6942
6943definition rigid_condition where rigid_condition φ  v . [v  α (φ{α}  φ{α})]
6944syntax rigid_condition :: ‹id_position  AOT_prop› ("RIGID'_CONDITION'(_')")
6945
6946AOT_theorem "strict-can:1[E]": assumes RIGID_CONDITION(φ)
6947  shows α (φ{α}  φ{α})
6948  using assms[unfolded rigid_condition_def] by auto
6949
6950AOT_theorem "strict-can:1[I]":
6951  assumes  α (φ{α}  φ{α})
6952  shows RIGID_CONDITION(φ)
6953  using assms rigid_condition_def by auto
6954
6955AOT_theorem "box-phi-a:1": assumes RIGID_CONDITION(φ)
6956  shows (A!x  & F (x[F]  φ{F}))  (A!x & F (x[F]  φ{F}))
6957proof (rule "→I")
6958  AOT_assume a: A!x & F (x[F]  φ{F})
6959  AOT_hence b: A!x by (metis "Conjunction Simplification"(1) "oa-facts:2" "vdash-properties:10")
6960  AOT_have x[F]  φ{F} for F using a[THEN "&E"(2)] "∀E" by blast
6961  moreover AOT_have (x[F]  x[F]) for F by (meson "pre-en-eq:1[1]" RN)
6962  moreover AOT_have (φ{F}  φ{F}) for F using RN "strict-can:1[E]"[OF assms] "∀E" by blast
6963  ultimately AOT_have (x[F]  φ{F}) for F
6964    using "sc-eq-box-box:5" "qml:2"[axiom_inst, THEN "→E"] "→E" "&I" by metis
6965  AOT_hence F (x[F]  φ{F}) by (rule GEN)
6966  AOT_hence F (x[F]  φ{F}) by (rule BF[THEN "→E"])
6967  AOT_thus ([A!]x & F (x[F]  φ{F}))
6968    using b "KBasic:3" "≡S"(1) "≡E"(2) by blast
6969qed
6970
6971AOT_theorem "box-phi-a:2": assumes RIGID_CONDITION(φ)
6972  shows y = ιx(A!x & F (x[F]  φ{F}))  (A!y & F (y[F]  φ{F}))
6973proof(rule "→I")
6974  AOT_assume y = ιx(A!x & F (x[F]  φ{F}))
6975  AOT_hence 𝒜(A!y & F (y[F]  φ{F})) using "actual-desc:2"[THEN "→E"] by fast
6976  AOT_hence abs: 𝒜A!y and 𝒜F (y[F]  φ{F})
6977    using "Act-Basic:2" "&E" "≡E"(1) by blast+
6978  AOT_hence F 𝒜(y[F]  φ{F}) by (metis "≡E"(1) "logic-actual-nec:3" "vdash-properties:1[2]")
6979  AOT_hence 𝒜(y[F]  φ{F}) for F using "∀E" by blast
6980  AOT_hence 𝒜y[F]  𝒜φ{F} for F by (metis "Act-Basic:5" "≡E"(1)) 
6981  AOT_hence y[F]  φ{F} for F
6982    using "sc-eq-fur:2"[THEN "→E", OF "strict-can:1[E]"[OF assms, THEN "∀E"(2)[where β=F], THEN RN]]
6983    by (metis "en-eq:10[1]" "≡E"(6))
6984  AOT_hence F (y[F]  φ{F}) by (rule GEN)
6985  AOT_thus [A!]y & F (y[F]  φ{F}) using abs "&I" "≡E"(2) "oa-facts:8" by blast
6986qed
6987
6988AOT_theorem "box-phi-a:3": assumes RIGID_CONDITION(φ)
6989  shows ιx(A!x & F (x[F]  φ{F}))[F]  φ{F}
6990  using "desc-nec-encode:2"
6991    "sc-eq-fur:2"[THEN "→E", OF "strict-can:1[E]"[OF assms, THEN "∀E"(2)[where β=F], THEN RN]]
6992    "≡E"(5) by blast
6993
6994AOT_define Null :: ‹τ  φ› ("Null'(_')") 
6995  "df-null-uni:1": Null(x) df A!x & ¬F x[F]
6996
6997AOT_define Universal :: ‹τ  φ› ("Universal'(_')")
6998  "df-null-uni:2": Universal(x) df A!x & F x[F]
6999
7000AOT_theorem "null-uni-uniq:1": ∃!x Null(x)
7001proof (rule "uniqueness:1"[THEN "≡dfI"])
7002  AOT_obtain a where a_prop: A!a & F (a[F]  ¬(F = F))
7003    using "A-objects"[axiom_inst] "∃E"[rotated] by fast
7004  AOT_have a_null: ¬a[F] for F
7005  proof (rule "raa-cor:2")
7006    AOT_assume a[F]
7007    AOT_hence ¬(F = F) using a_prop[THEN "&E"(2)] "∀E" "≡E" by blast
7008    AOT_hence F = F & ¬(F = F) by (metis "id-eq:1" "raa-cor:3")
7009    AOT_thus p & ¬p for p  by (metis "raa-cor:1")
7010  qed
7011  AOT_have Null(a) & β (Null(β)  β = a)
7012  proof (rule "&I")
7013    AOT_have ¬F a[F] using a_null by (metis "instantiation" "reductio-aa:1")
7014    AOT_thus Null(a)
7015      using "df-null-uni:1"[THEN "≡dfI"] a_prop[THEN "&E"(1)] "&I" by metis
7016  next
7017    AOT_show β (Null(β)  β = a)
7018    proof (rule GEN; rule "→I")
7019      fix β
7020      AOT_assume a: Null(β)
7021      AOT_hence ¬F β[F]
7022        using "df-null-uni:1"[THEN "≡dfE"] "&E" by blast
7023      AOT_hence β_null: ¬β[F] for F by (metis "existential:2[const_var]" "reductio-aa:1")
7024      AOT_have F (β[F]  a[F])
7025        apply (rule GEN; rule "≡I"; rule CP)
7026        using "raa-cor:3" β_null a_null by blast+
7027      moreover AOT_have A!β using a "df-null-uni:1"[THEN "≡dfE"] "&E" by blast
7028      ultimately AOT_show β = a
7029        using a_prop[THEN "&E"(1)] "ab-obey:1"[THEN "→E", THEN "→E"] "&I" by blast
7030    qed
7031  qed
7032  AOT_thus α (Null(α) & β (Null(β)  β = α)) using "∃I"(2) by fast
7033qed
7034
7035AOT_theorem "null-uni-uniq:2": ∃!x Universal(x)
7036proof (rule "uniqueness:1"[THEN "≡dfI"])
7037  AOT_obtain a where a_prop: A!a & F (a[F]  F = F)
7038    using "A-objects"[axiom_inst] "∃E"[rotated] by fast
7039  AOT_hence aF: a[F] for F using "&E" "∀E" "≡E" "id-eq:1" by fast
7040  AOT_hence Universal(a)
7041    using "df-null-uni:2"[THEN "≡dfI"] "&I" a_prop[THEN "&E"(1)] GEN by blast
7042  moreover AOT_have β (Universal(β)  β = a)
7043  proof (rule GEN; rule "→I")
7044    fix β
7045    AOT_assume Universal(β)
7046    AOT_hence abs_β: A!β and β[F] for F using "df-null-uni:2"[THEN "≡dfE"] "&E" "∀E" by blast+
7047    AOT_hence β[F]  a[F] for F using aF by (metis "deduction-theorem" "≡I")
7048    AOT_hence F (β[F]  a[F]) by (rule GEN)
7049    AOT_thus β = a
7050      using a_prop[THEN "&E"(1)] "ab-obey:1"[THEN "→E", THEN "→E"] "&I" abs_β by blast
7051  qed
7052  ultimately AOT_show α (Universal(α) & β (Universal(β)  β = α))
7053    using "&I" "∃I" by fast
7054qed
7055
7056AOT_theorem "null-uni-uniq:3": ιx Null(x)
7057  using "A-Exists:2" "RA[2]" "≡E"(2) "null-uni-uniq:1" by blast
7058
7059AOT_theorem "null-uni-uniq:4": ιx Universal(x)
7060  using "A-Exists:2" "RA[2]" "≡E"(2) "null-uni-uniq:2" by blast
7061
7062AOT_define Null_object :: ‹κs (a)
7063  "df-null-uni-terms:1": a =df ιx Null(x)
7064
7065AOT_define Universal_object :: ‹κs (aV)
7066  "df-null-uni-terms:2": aV =df ιx Universal(x)
7067
7068AOT_theorem "null-uni-facts:1": Null(x)  Null(x)
7069proof (rule "→I")
7070  AOT_assume Null(x)
7071  AOT_hence x_abs: A!x and x_null: ¬F x[F]
7072    using "df-null-uni:1"[THEN "≡dfE"] "&E" by blast+
7073  AOT_have ¬x[F] for F using x_null
7074    using "existential:2[const_var]" "reductio-aa:1"
7075    by metis
7076  AOT_hence ¬x[F] for F by (metis "en-eq:7[1]" "≡E"(1))
7077  AOT_hence F ¬x[F] by (rule GEN)
7078  AOT_hence F ¬x[F] by (rule BF[THEN "→E"])
7079  moreover AOT_have F ¬x[F]  ¬F x[F]
7080    apply (rule RM)
7081    by (metis (full_types) "instantiation" "cqt:2[const_var]" "deduction-theorem"
7082                           "reductio-aa:1" "rule-ui:1" "vdash-properties:1[2]")
7083  ultimately AOT_have ¬F x[F]
7084    by (metis "→E")
7085  moreover AOT_have A!x using x_abs
7086    using "oa-facts:2" "vdash-properties:10" by blast
7087  ultimately AOT_have r: (A!x & ¬F x[F])
7088    by (metis "KBasic:3" "&I" "≡E"(3) "raa-cor:3")
7089  AOT_show Null(x)
7090    by (AOT_subst Null(x) A!x & ¬F x[F])
7091       (auto simp: "df-null-uni:1" "≡Df" r)
7092qed  
7093
7094AOT_theorem "null-uni-facts:2": Universal(x)  Universal(x)
7095proof (rule "→I")
7096  AOT_assume Universal(x)
7097  AOT_hence x_abs: A!x and x_univ: F x[F]
7098    using "df-null-uni:2"[THEN "≡dfE"] "&E" by blast+
7099  AOT_have x[F] for F using x_univ "∀E" by blast
7100  AOT_hence x[F] for F by (metis "en-eq:2[1]" "≡E"(1))
7101  AOT_hence F x[F] by (rule GEN)
7102  AOT_hence F x[F] by (rule BF[THEN "→E"])
7103  moreover AOT_have A!x using x_abs
7104    using "oa-facts:2" "vdash-properties:10" by blast
7105  ultimately AOT_have r: (A!x & F x[F])
7106    by (metis "KBasic:3" "&I" "≡E"(3) "raa-cor:3")
7107  AOT_show Universal(x)
7108    by (AOT_subst Universal(x) A!x & F x[F])
7109       (auto simp add: "df-null-uni:2" "≡Df" r)
7110qed
7111
7112AOT_theorem "null-uni-facts:3": Null(a)
7113  apply (rule "=dfI"(2)[OF "df-null-uni-terms:1"])
7114   apply (simp add: "null-uni-uniq:3")
7115  using "actual-desc:4"[THEN "→E", OF "null-uni-uniq:3"]
7116    "sc-eq-fur:2"[THEN "→E", OF "null-uni-facts:1"[unvarify x, THEN RN, OF "null-uni-uniq:3"], THEN "≡E"(1)]
7117  by blast
7118
7119AOT_theorem "null-uni-facts:4": Universal(aV)
7120  apply (rule "=dfI"(2)[OF "df-null-uni-terms:2"])
7121   apply (simp add: "null-uni-uniq:4")
7122  using "actual-desc:4"[THEN "→E", OF "null-uni-uniq:4"]
7123    "sc-eq-fur:2"[THEN "→E", OF "null-uni-facts:2"[unvarify x, THEN RN, OF "null-uni-uniq:4"], THEN "≡E"(1)]
7124  by blast
7125
7126AOT_theorem "null-uni-facts:5": a  aV
7127proof (rule "=dfI"(2)[OF "df-null-uni-terms:1", OF "null-uni-uniq:3"];
7128    rule "=dfI"(2)[OF "df-null-uni-terms:2", OF "null-uni-uniq:4"];
7129    rule "≡dfI"[OF "=-infix"];
7130    rule "raa-cor:2")
7131  AOT_obtain x where nullx: Null(x)
7132    by (metis "instantiation" "df-null-uni-terms:1" "existential:1" "null-uni-facts:3"
7133              "null-uni-uniq:3" "rule-id-df:2:b[zero]")
7134  AOT_hence act_null: 𝒜Null(x) by (metis "nec-imp-act" "null-uni-facts:1" "vdash-properties:10")
7135  AOT_assume ιx Null(x) = ιx Universal(x)
7136  AOT_hence 𝒜x(Null(x)  Universal(x))
7137    using "actual-desc:5"[THEN "→E"] by blast
7138  AOT_hence x 𝒜(Null(x)  Universal(x))
7139    by (metis "≡E"(1) "logic-actual-nec:3" "vdash-properties:1[2]")
7140  AOT_hence 𝒜Null(x)  𝒜Universal(x)
7141    using "Act-Basic:5" "≡E"(1) "rule-ui:3" by blast
7142  AOT_hence 𝒜Universal(x) using act_null "≡E" by blast
7143  AOT_hence Universal(x) by (metis RN "≡E"(1) "null-uni-facts:2" "sc-eq-fur:2" "vdash-properties:10")
7144  AOT_hence F x[F] using "≡dfE"[OF "df-null-uni:2"] "&E" by metis
7145  moreover AOT_have ¬F x[F] using nullx "≡dfE"[OF "df-null-uni:1"] "&E" by metis
7146  ultimately AOT_show p & ¬p for p by (metis "cqt-further:1" "raa-cor:3" "vdash-properties:10")
7147qed
7148
7149AOT_theorem "null-uni-facts:6": a = ιx(A!x & F (x[F]  F  F))
7150proof (rule "ab-obey:1"[unvarify x y, THEN "→E", THEN "→E"])
7151  AOT_show ιx([A!]x & F (x[F]  F  F))
7152    by (simp add: "A-descriptions")
7153next
7154  AOT_show a
7155    by (rule "=dfI"(2)[OF "df-null-uni-terms:1", OF "null-uni-uniq:3"])
7156       (simp add: "null-uni-uniq:3")
7157next
7158  AOT_have ιx([A!]x & F (x[F]  F  F))
7159    by (simp add: "A-descriptions")
7160  AOT_hence 1: ιx([A!]x & F (x[F]  F  F)) = ιx([A!]x & F (x[F]  F  F))
7161    using "rule=I:1" by blast
7162  AOT_show [A!]a & [A!]ιx([A!]x & F (x[F]  F  F))
7163    apply (rule "=dfI"(2)[OF "df-null-uni-terms:1", OF "null-uni-uniq:3"]; rule "&I")
7164    apply (meson "≡dfE" "Conjunction Simplification"(1) "df-null-uni:1" "df-null-uni-terms:1" "null-uni-facts:3" "null-uni-uniq:3" "rule-id-df:2:a[zero]" "vdash-properties:10")
7165    using "can-ab2"[unvarify y, OF "A-descriptions", THEN "→E", OF 1].
7166next
7167  AOT_show F (a[F]  ιx([A!]x & F (x[F]  F  F))[F])
7168  proof (rule GEN)
7169    fix F
7170    AOT_have ¬a[F]
7171      by (rule "=dfI"(2)[OF "df-null-uni-terms:1", OF "null-uni-uniq:3"])
7172         (metis (no_types, lifting) "≡dfE" "&E"(2) "∨I"(2) "∨E"(3)
7173                "df-null-uni:1" "df-null-uni-terms:1" "existential:2[const_var]" "null-uni-facts:3"
7174                "raa-cor:2" "rule-id-df:2:a[zero]" "russell-axiom[enc,1].ψ_denotes_asm")
7175    moreover AOT_have ¬ιx([A!]x & F (x[F]  F  F))[F]
7176    proof(rule "raa-cor:2")
7177      AOT_assume 0: ιx([A!]x & F (x[F]  F  F))[F]
7178      AOT_hence 𝒜(F  F) using "desc-nec-encode:2"[THEN "≡E"(1), OF 0] by blast
7179      moreover AOT_have ¬𝒜(F  F)
7180        using "≡dfE" "id-act:2" "id-eq:1" "≡E"(2) "=-infix" "raa-cor:3" by blast
7181      ultimately AOT_show 𝒜(F  F) & ¬𝒜(F  F) by (rule "&I")
7182    qed
7183    ultimately AOT_show a[F]  ιx([A!]x & F (x[F]  F  F))[F]
7184      using "deduction-theorem" "≡I" "raa-cor:4" by blast
7185  qed
7186qed
7187
7188AOT_theorem "null-uni-facts:7": aV = ιx(A!x & F (x[F]  F = F))
7189proof (rule "ab-obey:1"[unvarify x y, THEN "→E", THEN "→E"])
7190  AOT_show ιx([A!]x & F (x[F]  F = F))
7191    by (simp add: "A-descriptions")
7192next
7193  AOT_show aV
7194    by (rule "=dfI"(2)[OF "df-null-uni-terms:2", OF "null-uni-uniq:4"])
7195       (simp add: "null-uni-uniq:4")
7196next
7197  AOT_have ιx([A!]x & F (x[F]  F = F))
7198    by (simp add: "A-descriptions")
7199  AOT_hence 1: ιx([A!]x & F (x[F]  F = F)) = ιx([A!]x & F (x[F]  F = F))
7200    using "rule=I:1" by blast
7201  AOT_show [A!]aV & [A!]ιx([A!]x & F (x[F]  F = F))
7202    apply (rule "=dfI"(2)[OF "df-null-uni-terms:2", OF "null-uni-uniq:4"]; rule "&I")
7203    apply (meson "≡dfE" "Conjunction Simplification"(1) "df-null-uni:2" "df-null-uni-terms:2" "null-uni-facts:4" "null-uni-uniq:4" "rule-id-df:2:a[zero]" "vdash-properties:10")
7204    using "can-ab2"[unvarify y, OF "A-descriptions", THEN "→E", OF 1].
7205next
7206  AOT_show F (aV[F]  ιx([A!]x & F (x[F]  F = F))[F])
7207  proof (rule GEN)
7208    fix F
7209    AOT_have aV[F]
7210      apply (rule "=dfI"(2)[OF "df-null-uni-terms:2", OF "null-uni-uniq:4"])
7211      using "≡dfE" "&E"(2) "df-null-uni:2" "df-null-uni-terms:2" "null-uni-facts:4" "null-uni-uniq:4" "rule-id-df:2:a[zero]" "rule-ui:3" by blast
7212    moreover AOT_have ιx([A!]x & F (x[F]  F = F))[F]
7213      using "RA[2]" "desc-nec-encode:2" "id-eq:1" "≡E"(2) by fastforce
7214    ultimately AOT_show aV[F]  ιx([A!]x & F (x[F]  F = F))[F]
7215      using "deduction-theorem" "≡I" by simp
7216  qed
7217qed
7218
7219AOT_theorem "aclassical:1": Rxy(A!x & A!y & x  y & z [R]zx] = z [R]zy])
7220proof(rule GEN)
7221  fix R
7222  AOT_obtain a where a_prop: A!a & F (a[F]  y(A!y & F = z [R]zy] & ¬y[F]))
7223    using "A-objects"[axiom_inst] "∃E"[rotated] by fast
7224  AOT_have a_enc: az [R]za]
7225  proof (rule "raa-cor:1")
7226    AOT_assume 0: ¬az [R]za]
7227    AOT_hence ¬y(A!y & z [R]za] = z [R]zy] & ¬yz [R]za])
7228      by (rule a_prop[THEN "&E"(2), THEN "∀E"(1)[where τ="«z [R]za]»"],
7229                THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(1), rotated])
7230         "cqt:2[lambda]"
7231    AOT_hence y ¬(A!y & z [R]za] = z [R]zy] & ¬yz [R]za])
7232      using "cqt-further:4" "vdash-properties:10" by blast
7233    AOT_hence ¬(A!a & z [R]za] = z [R]za] & ¬az [R]za]) using "∀E" by blast
7234    AOT_hence (A!a & z [R]za] = z [R]za])  az [R]za]
7235      by (metis "&I" "deduction-theorem" "raa-cor:3")
7236    moreover AOT_have z [R]za] = z [R]za]
7237      by (rule "=I") "cqt:2[lambda]"
7238    ultimately AOT_have az [R]za] using a_prop[THEN "&E"(1)] "→E" "&I" by blast
7239    AOT_thus az [R]za] & ¬az [R]za]
7240      using 0 "&I" by blast
7241  qed
7242  AOT_hence y(A!y & z [R]za] = z [R]zy] & ¬yz [R]za])
7243    by (rule a_prop[THEN "&E"(2), THEN "∀E"(1), THEN "≡E"(1), rotated]) "cqt:2[lambda]"
7244  then AOT_obtain b where b_prop: A!b & z [R]za] = z [R]zb] & ¬bz [R]za]
7245    using "∃E"[rotated] by blast
7246  AOT_have a  b
7247    apply (rule "≡dfI"[OF "=-infix"])
7248    using a_enc b_prop[THEN "&E"(2)]
7249    using "¬¬I" "rule=E" id_sym "≡E"(4) "oth-class-taut:3:a" "raa-cor:3" "reductio-aa:1" by fast
7250  AOT_hence A!a & A!b & a  b & z [R]za] = z [R]zb]
7251    using b_prop "&E" a_prop "&I" by meson
7252  AOT_hence y (A!a & A!y & a  y & z [R]za] = z [R]zy]) by (rule "∃I")
7253  AOT_thus xy (A!x & A!y & x  y & z [R]zx] = z [R]zy]) by (rule "∃I")
7254qed
7255
7256AOT_theorem "aclassical:2": Rxy(A!x & A!y & x  y & z [R]xz] = z [R]yz])
7257proof(rule GEN)
7258  fix R
7259  AOT_obtain a where a_prop: A!a & F (a[F]  y(A!y & F = z [R]yz] & ¬y[F]))
7260    using "A-objects"[axiom_inst] "∃E"[rotated] by fast
7261  AOT_have a_enc: az [R]az]
7262  proof (rule "raa-cor:1")
7263    AOT_assume 0: ¬az [R]az]
7264    AOT_hence ¬y(A!y & z [R]az] = z [R]yz] & ¬yz [R]az])
7265      by (rule a_prop[THEN "&E"(2), THEN "∀E"(1)[where τ="«z [R]az]»"],
7266                THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(1), rotated])
7267         "cqt:2[lambda]"
7268    AOT_hence y ¬(A!y & z [R]az] = z [R]yz] & ¬yz [R]az])
7269      using "cqt-further:4" "vdash-properties:10" by blast
7270    AOT_hence ¬(A!a & z [R]az] = z [R]az] & ¬az [R]az]) using "∀E" by blast
7271    AOT_hence (A!a & z [R]az] = z [R]az])  az [R]az]
7272      by (metis "&I" "deduction-theorem" "raa-cor:3")
7273    moreover AOT_have z [R]az] = z [R]az]
7274      by (rule "=I") "cqt:2[lambda]"
7275    ultimately AOT_have az [R]az] using a_prop[THEN "&E"(1)] "→E" "&I" by blast
7276    AOT_thus az [R]az] & ¬az [R]az]
7277      using 0 "&I" by blast
7278  qed
7279  AOT_hence y(A!y & z [R]az] = z [R]yz] & ¬yz [R]az])
7280    by (rule a_prop[THEN "&E"(2), THEN "∀E"(1), THEN "≡E"(1), rotated]) "cqt:2[lambda]"
7281  then AOT_obtain b where b_prop: A!b & z [R]az] = z [R]bz] & ¬bz [R]az]
7282    using "∃E"[rotated] by blast
7283  AOT_have a  b
7284    apply (rule "≡dfI"[OF "=-infix"])
7285    using a_enc b_prop[THEN "&E"(2)]
7286    using "¬¬I" "rule=E" id_sym "≡E"(4) "oth-class-taut:3:a" "raa-cor:3" "reductio-aa:1" by fast
7287  AOT_hence A!a & A!b & a  b & z [R]az] = z [R]bz]
7288    using b_prop "&E" a_prop "&I" by meson
7289  AOT_hence y (A!a & A!y & a  y & z [R]az] = z [R]yz]) by (rule "∃I")
7290  AOT_thus xy (A!x & A!y & x  y & z [R]xz] = z [R]yz]) by (rule "∃I")
7291qed
7292
7293AOT_theorem "aclassical:3": Fxy(A!x & A!y & x  y &  [F]x] =  [F]y])
7294proof(rule GEN)
7295  fix R
7296  AOT_obtain a where a_prop: A!a & F (a[F]  y(A!y & F = z [R]y] & ¬y[F]))
7297    using "A-objects"[axiom_inst] "∃E"[rotated] by fast
7298  AOT_have z [R]a] by "cqt:2[lambda]"
7299  (* TODO: S should no longer be necessary *)
7300  then AOT_obtain S where S_def: S = z [R]a]
7301    by (metis "instantiation" "rule=I:1" "existential:1" id_sym)
7302  AOT_have a_enc: a[S]
7303  proof (rule "raa-cor:1")
7304    AOT_assume 0: ¬a[S]
7305    AOT_hence ¬y(A!y & S = z [R]y] & ¬y[S])
7306      by (rule a_prop[THEN "&E"(2), THEN "∀E"(2)[where β=S],
7307                THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(1), rotated]) 
7308    AOT_hence y ¬(A!y & S = z [R]y] & ¬y[S])
7309      using "cqt-further:4" "vdash-properties:10" by blast
7310    AOT_hence ¬(A!a & S = z [R]a] & ¬a[S]) using "∀E" by blast
7311    AOT_hence (A!a & S = z [R]a])  a[S]
7312      by (metis "&I" "deduction-theorem" "raa-cor:3")
7313    moreover AOT_have S = z [R]a] using S_def .
7314    ultimately AOT_have a[S] using a_prop[THEN "&E"(1)] "→E" "&I" by blast
7315    AOT_thus az [R]a] & ¬az [R]a]  by (metis "0" "raa-cor:3") 
7316  qed
7317  AOT_hence y(A!y & S = z [R]y] & ¬y[S])
7318    by (rule a_prop[THEN "&E"(2), THEN "∀E"(2), THEN "≡E"(1), rotated])
7319  then AOT_obtain b where b_prop: A!b & S = z [R]b] & ¬b[S]
7320    using "∃E"[rotated] by blast
7321  AOT_have 1: a  b
7322    apply (rule "≡dfI"[OF "=-infix"])
7323    using a_enc b_prop[THEN "&E"(2)]
7324    using "¬¬I" "rule=E" id_sym "≡E"(4) "oth-class-taut:3:a" "raa-cor:3" "reductio-aa:1" by fast
7325  AOT_have a:  [R]a] = ([R]a)
7326    apply (rule "lambda-predicates:3[zero]"[axiom_inst, unvarify p])
7327    by (meson "log-prop-prop:2")
7328  AOT_have b:  [R]b] = ([R]b)
7329    apply (rule "lambda-predicates:3[zero]"[axiom_inst, unvarify p])
7330    by (meson "log-prop-prop:2")
7331  AOT_have  [R]a] =  [R]b]
7332    apply (rule "rule=E"[rotated, OF a[THEN id_sym]])
7333    apply (rule "rule=E"[rotated, OF b[THEN id_sym]])
7334    apply (rule "identity:4"[THEN "≡dfI", OF "&I", rotated])
7335     apply (rule "rule=E"[rotated, OF S_def])
7336    using b_prop "&E" apply blast
7337    apply (safe intro!: "&I")
7338    by (simp add: "log-prop-prop:2")+
7339  AOT_hence A!a & A!b & a  b &  [R]a] =  [R]b]
7340    using 1 a_prop[THEN "&E"(1)] b_prop[THEN "&E"(1), THEN "&E"(1)] "&I" by auto
7341  AOT_hence y (A!a & A!y & a  y &  [R]a] =  [R]y]) by (rule "∃I")
7342  AOT_thus xy (A!x & A!y & x  y &  [R]x] =  [R]y]) by (rule "∃I")
7343qed
7344
7345AOT_theorem aclassical2: xy (A!x & A!y & x  y & F ([F]x  [F]y))
7346proof -
7347  AOT_have x y ([A!]x & [A!]y & x  y &
7348               z xy F ([F]x  [F]y)]zx] = z xy F ([F]x  [F]y)]zy])
7349    by (rule "aclassical:1"[THEN "∀E"(1)[where τ="«xy F ([F]x  [F]y)]»"]])
7350       "cqt:2[lambda]"
7351  then AOT_obtain x where y ([A!]x & [A!]y & x  y &
7352               z xy F ([F]x  [F]y)]zx] = z xy F ([F]x  [F]y)]zy])
7353    using "∃E"[rotated] by blast
7354  then AOT_obtain y where 0: ([A!]x & [A!]y & x  y &
7355               z xy F ([F]x  [F]y)]zx] = z xy F ([F]x  [F]y)]zy])
7356    using "∃E"[rotated] by blast
7357  AOT_have z xy F ([F]x  [F]y)]zx]x
7358    apply (rule "β←C"(1))
7359      apply "cqt:2[lambda]"
7360     apply (fact "cqt:2[const_var]"[axiom_inst])
7361    apply (rule "β←C"(1))
7362      apply "cqt:2[lambda]"
7363    apply (simp add: "&I" "ex:1:a" prod_denotesI "rule-ui:3")
7364    by (simp add: "oth-class-taut:3:a" "universal-cor")
7365  AOT_hence z xy F ([F]x  [F]y)]zy]x
7366    by (rule "rule=E"[rotated, OF 0[THEN "&E"(2)]])
7367  AOT_hence xy F ([F]x  [F]y)]xy
7368    by (rule "β→C"(1))
7369  AOT_hence F ([F]x  [F]y)
7370    using "β→C"(1) old.prod.case by fast
7371  AOT_hence [A!]x & [A!]y & x  y & F ([F]x  [F]y) using 0 "&E" "&I" by blast
7372  AOT_hence y ([A!]x & [A!]y & x  y & F ([F]x  [F]y)) by (rule "∃I")
7373  AOT_thus xy ([A!]x & [A!]y & x  y & F ([F]x  [F]y)) by (rule "∃I"(2))
7374qed
7375
7376AOT_theorem "kirchner-thm:1": x φ{x}]  xy(F([F]x  [F]y)  (φ{x}  φ{y}))
7377proof(rule "≡I"; rule "→I")
7378  AOT_assume x φ{x}]
7379  AOT_hence x φ{x}] by (metis "exist-nec" "vdash-properties:10")
7380  moreover AOT_have x φ{x}]  xy(F([F]x  [F]y)  (φ{x}  φ{y}))
7381  proof (rule "RM:1"; rule "→I"; rule GEN; rule GEN; rule "→I")
7382    AOT_modally_strict {
7383      fix x y
7384      AOT_assume 0: x φ{x}]
7385      moreover AOT_assume F([F]x  [F]y)
7386      ultimately AOT_have x φ{x}]x  x φ{x}]y
7387        using "∀E" by blast
7388      AOT_thus (φ{x}  φ{y})
7389        using "beta-C-meta"[THEN "→E", OF 0] "≡E"(6) by meson
7390    }
7391  qed
7392  ultimately AOT_show xy(F([F]x  [F]y)  (φ{x}  φ{y}))
7393    using "→E" by blast
7394next
7395  AOT_have xy(F([F]x  [F]y)  (φ{x}  φ{y}))  y(x(F([F]x  [F]y) & φ{x})  φ{y})
7396  proof(rule "RM:1"; rule "→I"; rule GEN)
7397    AOT_modally_strict {
7398      AOT_assume xy(F([F]x  [F]y)  (φ{x}  φ{y}))
7399      AOT_hence indisc: φ{x}  φ{y} if F([F]x  [F]y) for x y
7400        using "∀E"(2) "→E" that by blast
7401      AOT_show (x(F([F]x  [F]y) & φ{x})  φ{y}) for y
7402      proof (rule "raa-cor:1")
7403        AOT_assume ¬(x(F([F]x  [F]y) & φ{x})  φ{y})
7404        AOT_hence (x(F([F]x  [F]y) & φ{x}) & ¬φ{y})  (¬(x(F([F]x  [F]y) & φ{x})) & φ{y})
7405          using "≡E"(1) "oth-class-taut:4:h" by blast
7406        moreover {
7407          AOT_assume 0: x(F([F]x  [F]y) & φ{x}) & ¬φ{y}
7408          AOT_obtain a where F([F]a  [F]y) & φ{a}
7409            using "∃E"[rotated, OF 0[THEN "&E"(1)]]  by blast
7410          AOT_hence φ{y} using indisc[THEN "≡E"(1)] "&E" by blast
7411          AOT_hence p & ¬p for p using 0[THEN "&E"(2)] "&I" "raa-cor:3" by blast
7412        }
7413        moreover {
7414          AOT_assume 0: (¬(x(F([F]x  [F]y) & φ{x})) & φ{y})
7415          AOT_hence x ¬(F([F]x  [F]y) & φ{x})
7416            using "&E"(1) "cqt-further:4" "→E" by blast
7417          AOT_hence ¬(F([F]y  [F]y) & φ{y}) using "∀E" by blast
7418          AOT_hence ¬F([F]y  [F]y)  ¬φ{y}
7419            using "≡E"(1) "oth-class-taut:5:c" by blast
7420          moreover AOT_have F([F]y  [F]y) by (simp add: "oth-class-taut:3:a" "universal-cor")
7421          ultimately AOT_have ¬φ{y} by (metis "¬¬I" "∨E"(2))
7422          AOT_hence p & ¬p for p using 0[THEN "&E"(2)] "&I" "raa-cor:3" by blast
7423        }
7424        ultimately AOT_show p & ¬p for p using "∨E"(3) "raa-cor:1" by blast
7425      qed
7426    }
7427  qed
7428  moreover AOT_assume xy(F([F]x  [F]y)  (φ{x}  φ{y}))
7429  ultimately AOT_have y(x(F([F]x  [F]y) & φ{x})  φ{y})
7430    using "→E" by blast
7431  AOT_thus x φ{x}]
7432    by (rule "safe-ext"[axiom_inst, THEN "→E", OF "&I", rotated]) "cqt:2[lambda]"
7433qed
7434
7435AOT_theorem "kirchner-thm:2": x1...xn φ{x1...xn}]  x1...∀xny1...∀yn(F([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
7436proof(rule "≡I"; rule "→I")
7437  AOT_assume x1...xn φ{x1...xn}]
7438  AOT_hence x1...xn φ{x1...xn}] by (metis "exist-nec" "vdash-properties:10")
7439  moreover AOT_have x1...xn φ{x1...xn}]  x1...∀xny1...∀yn(F([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
7440  proof (rule "RM:1"; rule "→I"; rule GEN; rule GEN; rule "→I")
7441    AOT_modally_strict {
7442      fix x1xn y1yn :: 'a AOT_var›
7443      AOT_assume 0: x1...xn φ{x1...xn}]
7444      moreover AOT_assume F([F]x1...xn  [F]y1...yn)
7445      ultimately AOT_have x1...xn φ{x1...xn}]x1...xn  x1...xn φ{x1...xn}]y1...yn
7446        using "∀E" by blast
7447      AOT_thus (φ{x1...xn}  φ{y1...yn})
7448        using "beta-C-meta"[THEN "→E", OF 0] "≡E"(6) by meson
7449    }
7450  qed
7451  ultimately AOT_show x1...∀xny1...∀yn(F([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
7452    using "→E" by blast
7453next
7454  AOT_have (x1...∀xny1...∀yn(F([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))) 
7455            y1...∀yn((x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn}))  φ{y1...yn})
7456  proof(rule "RM:1"; rule "→I"; rule GEN)
7457    AOT_modally_strict {
7458      AOT_assume x1...∀xny1...∀yn(F([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
7459      AOT_hence indisc: φ{x1...xn}  φ{y1...yn} if F([F]x1...xn  [F]y1...yn) for x1xn y1yn
7460        using "∀E"(2) "→E" that by blast
7461      AOT_show (x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn}))  φ{y1...yn} for y1yn
7462      proof (rule "raa-cor:1")
7463        AOT_assume ¬((x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn}))  φ{y1...yn})
7464        AOT_hence ((x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn})) & ¬φ{y1...yn}) 
7465                    (¬(x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn})) & φ{y1...yn})
7466          using "≡E"(1) "oth-class-taut:4:h" by blast
7467        moreover {
7468          AOT_assume 0: (x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn})) & ¬φ{y1...yn}
7469          AOT_obtain a1an where F([F]a1...an  [F]y1...yn) & φ{a1...an}
7470            using "∃E"[rotated, OF 0[THEN "&E"(1)]]  by blast
7471          AOT_hence φ{y1...yn} using indisc[THEN "≡E"(1)] "&E" by blast
7472          AOT_hence p & ¬p for p using 0[THEN "&E"(2)] "&I" "raa-cor:3" by blast
7473        }
7474        moreover {
7475          AOT_assume 0: (¬((x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn}))) & φ{y1...yn})
7476          AOT_hence x1...∀xn ¬(F([F]x1...xn  [F]y1...yn) & φ{x1...xn})
7477            using "&E"(1) "cqt-further:4" "→E" by blast
7478          AOT_hence ¬(F([F]y1...yn  [F]y1...yn) & φ{y1...yn}) using "∀E" by blast
7479          AOT_hence ¬F([F]y1...yn  [F]y1...yn)  ¬φ{y1...yn}
7480            using "≡E"(1) "oth-class-taut:5:c" by blast
7481          moreover AOT_have F([F]y1...yn  [F]y1...yn)
7482            by (simp add: "oth-class-taut:3:a" "universal-cor")
7483          ultimately AOT_have ¬φ{y1...yn} by (metis "¬¬I" "∨E"(2))
7484          AOT_hence p & ¬p for p using 0[THEN "&E"(2)] "&I" "raa-cor:3" by blast
7485        }
7486        ultimately AOT_show p & ¬p for p using "∨E"(3) "raa-cor:1" by blast
7487      qed
7488    }
7489  qed
7490  moreover AOT_assume x1...∀xny1...∀yn(F([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
7491  ultimately AOT_have y1...∀yn((x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn}))  φ{y1...yn})
7492    using "→E" by blast
7493  AOT_thus x1...xn φ{x1...xn}]
7494    by (rule "safe-ext"[axiom_inst, THEN "→E", OF "&I", rotated]) "cqt:2[lambda]"
7495qed
7496
7497AOT_theorem "kirchner-thm-cor:1": x φ{x}]  xy(F([F]x  [F]y)  (φ{x}  φ{y}))
7498proof(rule "→I"; rule GEN; rule GEN; rule "→I")
7499  fix x y
7500  AOT_assume x φ{x}]
7501  AOT_hence xy (F ([F]x  [F]y)  (φ{x}  φ{y}))
7502    by (rule "kirchner-thm:1"[THEN "≡E"(1)])
7503  AOT_hence xy (F ([F]x  [F]y)  (φ{x}  φ{y}))
7504    using CBF[THEN "→E"] by blast
7505  AOT_hence y (F ([F]x  [F]y)  (φ{x}  φ{y}))
7506    using "∀E" by blast
7507  AOT_hence y (F ([F]x  [F]y)  (φ{x}  φ{y}))
7508    using CBF[THEN "→E"] by blast
7509  AOT_hence (F ([F]x  [F]y)  (φ{x}  φ{y}))
7510    using "∀E" by blast
7511  AOT_hence F ([F]x  [F]y)  (φ{x}  φ{y})
7512    using "qml:1"[axiom_inst] "vdash-properties:6" by blast
7513  moreover AOT_assume F([F]x  [F]y)
7514  ultimately AOT_show (φ{x}  φ{y}) using "→E" "ind-nec" by blast
7515qed
7516
7517AOT_theorem "kirchner-thm-cor:2":
7518  x1...xn φ{x1...xn}]  x1...∀xny1...∀yn(F([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
7519proof(rule "→I"; rule GEN; rule GEN; rule "→I")
7520  fix x1xn y1yn
7521  AOT_assume x1...xn φ{x1...xn}]
7522  AOT_hence 0: x1...∀xny1...∀yn (F ([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
7523    by (rule "kirchner-thm:2"[THEN "≡E"(1)])
7524  AOT_have x1...∀xny1...∀yn (F ([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
7525  proof(rule GEN; rule GEN)
7526    fix x1xn y1yn
7527    AOT_show (F ([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
7528      apply (rule "RM:1"[THEN "→E", rotated, OF 0]; rule "→I")
7529      using "∀E" by blast
7530  qed
7531  AOT_hence y1...∀yn (F ([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
7532    using "∀E" by blast
7533  AOT_hence (F ([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
7534    using "∀E" by blast
7535  AOT_hence (F ([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
7536    using "∀E" by blast
7537  AOT_hence 0: F ([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn})
7538    using "qml:1"[axiom_inst] "vdash-properties:6" by blast
7539  moreover AOT_assume F([F]x1...xn  [F]y1...yn)
7540  moreover AOT_have x1...xn F ([F]x1...xn  [F]y1...yn)] by "cqt:2[lambda]"
7541  ultimately AOT_have x1...xn F ([F]x1...xn  [F]y1...yn)]x1...xn  x1...xn F ([F]x1...xn  [F]y1...yn)]y1...yn
7542    using "∀E" by blast
7543  moreover AOT_have x1...xn F ([F]x1...xn  [F]y1...yn)]y1...yn
7544    apply (rule "β←C"(1))
7545      apply "cqt:2[lambda]"
7546     apply (fact "cqt:2[const_var]"[axiom_inst])
7547    by (simp add: RN GEN "oth-class-taut:3:a")
7548  ultimately AOT_have x1...xn F ([F]x1...xn  [F]y1...yn)]x1...xn using "≡E"(2) by blast
7549  AOT_hence F ([F]x1...xn  [F]y1...yn)
7550    using "β→C"(1) by blast
7551  AOT_thus (φ{x1...xn}  φ{y1...yn}) using "→E" 0 by blast
7552qed
7553
7554subsection‹Propositional Properties›
7555text‹\label{PLM: 9.12}›
7556
7557AOT_define propositional :: ‹Π  φ› (Propositional'(_'))
7558  "prop-prop1": Propositional([F]) df p(F = y p])
7559
7560AOT_theorem "prop-prop2:1": p y p]
7561  by (rule GEN) "cqt:2[lambda]"
7562
7563AOT_theorem "prop-prop2:2": ν φ]
7564  by "cqt:2[lambda]"
7565
7566AOT_theorem "prop-prop2:3": F = y p]  x([F]x  p)
7567proof (rule "→I")
7568  AOT_assume 0: F = y p]
7569  AOT_show x([F]x  p)
7570    by (rule "rule=E"[rotated, OF 0[symmetric]]; rule RN; rule GEN; rule "beta-C-meta"[THEN "→E"])
7571      "cqt:2[lambda]"
7572qed
7573
7574AOT_theorem "prop-prop2:4": Propositional([F])  Propositional([F])
7575proof(rule "→I")
7576  AOT_assume Propositional([F])
7577  AOT_hence p(F = y p]) using "≡dfE"[OF "prop-prop1"] by blast
7578  then AOT_obtain p where F = y p] using "∃E"[rotated] by blast
7579  AOT_hence (F = y p]) using "id-nec:2" "modus-tollens:1" "raa-cor:3" by blast
7580  AOT_hence p (F = y p]) using "∃I" by fast
7581  AOT_hence 0: p (F = y p]) by (metis Buridan "vdash-properties:10")
7582  AOT_thus Propositional([F])
7583    using "prop-prop1"[THEN "≡Df"]
7584    by (AOT_subst Propositional([F]) p (F = y p])) auto
7585qed
7586
7587AOT_define indicriminate :: ‹Π  φ› ("Indiscriminate'(_')")
7588  "prop-indis": Indiscriminate([F]) df F & (x [F]x  x [F]x)
7589
7590AOT_theorem "prop-in-thm": Propositional([Π])  Indiscriminate([Π])
7591proof(rule "→I")
7592  AOT_assume Propositional([Π])
7593  AOT_hence p Π = y p] using "≡dfE"[OF "prop-prop1"] by blast
7594  then AOT_obtain p where Π_def: Π = y p] using "∃E"[rotated] by blast
7595  AOT_show Indiscriminate([Π])
7596  proof (rule "≡dfI"[OF "prop-indis"]; rule "&I")
7597    AOT_show Π
7598      using Π_def by (meson "t=t-proper:1" "vdash-properties:6")
7599  next
7600    AOT_show (x [Π]x  x [Π]x)
7601    proof (rule "rule=E"[rotated, OF Π_def[symmetric]]; rule RN; rule "→I"; rule GEN)
7602      AOT_modally_strict {
7603        AOT_assume x y p]x
7604        then AOT_obtain a where y p]a using "∃E"[rotated] by blast
7605        AOT_hence 0: p by (metis "β→C"(1))
7606        AOT_show y p]x for x
7607          apply (rule "β←C"(1))
7608            apply "cqt:2[lambda]"
7609           apply (fact "cqt:2[const_var]"[axiom_inst])
7610          by (fact 0)
7611      }
7612    qed
7613  qed
7614qed
7615
7616AOT_theorem "prop-in-f:1": Necessary([F])  Indiscriminate([F])
7617proof (rule "→I")
7618  AOT_assume Necessary([F])
7619  AOT_hence 0: x1...∀xn [F]x1...xn using "≡dfE"[OF "contingent-properties:1"] by blast
7620  AOT_show Indiscriminate([F])
7621    by (rule "≡dfI"[OF "prop-indis"])
7622       (metis "0" "KBasic:1" "&I" "ex:1:a" "rule-ui:2[const_var]" "vdash-properties:6") 
7623qed
7624
7625AOT_theorem "prop-in-f:2": Impossible([F])  Indiscriminate([F])
7626proof (rule "→I")
7627  AOT_modally_strict {
7628    AOT_have x ¬[F]x  (x [F]x  x [F]x)
7629      by (metis "instantiation" "cqt-orig:3" "Hypothetical Syllogism" "deduction-theorem" "raa-cor:3")
7630  }
7631  AOT_hence 0: x ¬[F]x  (x [F]x  x [F]x)
7632    by (rule "RM:1")
7633  AOT_assume Impossible([F])
7634  AOT_hence x ¬[F]x using "≡dfE"[OF "contingent-properties:2"] "&E" by blast
7635  AOT_hence 1: (x [F]x  x [F]x) using 0 "→E" by blast
7636  AOT_show Indiscriminate([F])
7637    by (rule "≡dfI"[OF "prop-indis"]; rule "&I")
7638       (simp add: "ex:1:a" "rule-ui:2[const_var]" 1)+
7639qed
7640
7641AOT_theorem "prop-in-f:3:a": ¬Indiscriminate([E!])
7642proof(rule "raa-cor:2")
7643  AOT_assume Indiscriminate([E!])
7644  AOT_hence 0: (x [E!]x  x [E!]x)
7645    using "≡dfE"[OF "prop-indis"] "&E" by blast
7646  AOT_hence x [E!]x  x [E!]x
7647    using "KBasic:13" "vdash-properties:10" by blast
7648  moreover AOT_have x [E!]x
7649    by (simp add: "thm-cont-e:3")
7650  ultimately AOT_have x [E!]x
7651    by (metis "vdash-properties:6")
7652  AOT_thus p & ¬p for p
7653    by (metis "≡dfE" "conventions:5" "o-objects-exist:5" "reductio-aa:1")
7654qed
7655
7656AOT_theorem "prop-in-f:3:b": ¬Indiscriminate([E!]-)
7657proof (rule "rule=E"[rotated, OF "rel-neg-T:2"[symmetric]]; rule "raa-cor:2")
7658  AOT_assume Indiscriminate(x ¬[E!]x])
7659  AOT_hence 0: (x x ¬[E!]x]x  x x ¬[E!]x]x)
7660    using "≡dfE"[OF "prop-indis"] "&E" by blast
7661  AOT_hence x x ¬[E!]x]x  x x ¬[E!]x]x
7662    using "→E" "qml:1" "vdash-properties:1[2]" by blast
7663  moreover AOT_have x x ¬[E!]x]x
7664    apply (AOT_subst x ¬E!x]x ¬E!x for: x)
7665    apply (rule "beta-C-meta"[THEN "→E"])
7666     apply "cqt:2[lambda]"
7667    by (metis (full_types) "B◇" RN "T◇" "cqt-further:2" "o-objects-exist:5" "vdash-properties:10")
7668  ultimately AOT_have 1: x x ¬[E!]x]x
7669    by (metis "vdash-properties:6")
7670  AOT_hence x ¬[E!]x
7671    by (AOT_subst (reverse) ¬[E!]x  x ¬[E!]x]x for: x)
7672       (auto intro!: "cqt:2" "beta-C-meta"[THEN "→E"])
7673  AOT_hence x ¬[E!]x by (metis "CBF" "vdash-properties:10")
7674  moreover AOT_obtain a where abs_a: O!a
7675    using "instantiation" "o-objects-exist:1" "qml:2" "vdash-properties:1[2]" "vdash-properties:6" by blast
7676  ultimately AOT_have ¬[E!]a using "∀E" by blast
7677  AOT_hence 2: ¬[E!]a by (metis "≡dfE" "conventions:5" "reductio-aa:1")
7678  AOT_have A!a
7679    apply (rule "=dfI"(2)[OF AOT_abstract])
7680     apply "cqt:2[lambda]"
7681    apply (rule "β←C"(1))
7682      apply "cqt:2[lambda]"
7683    using "cqt:2[const_var]"[axiom_inst] apply blast
7684    by (fact 2)
7685  AOT_thus p & ¬p for p using abs_a
7686    by (metis "≡E"(1) "oa-contingent:2" "reductio-aa:1")
7687qed
7688
7689AOT_theorem "prop-in-f:3:c": ¬Indiscriminate(O!)
7690proof(rule "raa-cor:2")
7691  AOT_assume Indiscriminate(O!)
7692  AOT_hence 0: (x O!x  x O!x)
7693    using "≡dfE"[OF "prop-indis"] "&E" by blast
7694  AOT_hence x O!x  x O!x
7695    using "qml:1"[axiom_inst] "vdash-properties:6" by blast
7696  moreover AOT_have x O!x
7697    using "o-objects-exist:1" by blast
7698  ultimately AOT_have x O!x
7699    by (metis "vdash-properties:6")
7700  AOT_thus p & ¬p for p
7701    by (metis "o-objects-exist:3" "qml:2" "raa-cor:3" "vdash-properties:10" "vdash-properties:1[2]")
7702qed
7703
7704AOT_theorem "prop-in-f:3:d": ¬Indiscriminate(A!)
7705proof(rule "raa-cor:2")
7706  AOT_assume Indiscriminate(A!)
7707  AOT_hence 0: (x A!x  x A!x)
7708    using "≡dfE"[OF "prop-indis"] "&E" by blast
7709  AOT_hence x A!x  x A!x
7710    using "qml:1"[axiom_inst] "vdash-properties:6" by blast
7711  moreover AOT_have x A!x
7712    using "o-objects-exist:2" by blast
7713  ultimately AOT_have x A!x
7714    by (metis "vdash-properties:6")
7715  AOT_thus p & ¬p for p
7716    by (metis "o-objects-exist:4" "qml:2" "raa-cor:3" "vdash-properties:10" "vdash-properties:1[2]")
7717qed
7718
7719AOT_theorem "prop-in-f:4:a": ¬Propositional(E!)
7720  using "modus-tollens:1" "prop-in-f:3:a" "prop-in-thm" by blast
7721
7722AOT_theorem "prop-in-f:4:b": ¬Propositional(E!-)
7723  using "modus-tollens:1" "prop-in-f:3:b" "prop-in-thm" by blast
7724
7725AOT_theorem "prop-in-f:4:c": ¬Propositional(O!)
7726  using "modus-tollens:1" "prop-in-f:3:c" "prop-in-thm" by blast
7727
7728AOT_theorem "prop-in-f:4:d": ¬Propositional(A!)
7729  using "modus-tollens:1" "prop-in-f:3:d" "prop-in-thm" by blast
7730
7731AOT_theorem "prop-prop-nec:1": p (F = y p])  p(F = y p])
7732proof(rule "→I")
7733  AOT_assume p (F = y p])
7734  AOT_hence p (F = y p])
7735    by (metis "BF◇" "vdash-properties:10")
7736  then AOT_obtain p where (F = y p]) using "∃E"[rotated] by blast
7737  AOT_hence F = y p] by (metis "derived-S5-rules:2" emptyE "id-nec:2" "vdash-properties:6")
7738  AOT_thus p(F = y p]) by (rule "∃I")
7739qed
7740
7741AOT_theorem "prop-prop-nec:2": p (F  y p])  p(F  y p])
7742proof(rule "→I")
7743  AOT_assume p (F  y p])
7744  AOT_hence (F  y p]) for p
7745    using "∀E" by blast
7746  AOT_hence (F  y p]) for p
7747    by (rule "id-nec2:2"[unvarify β, THEN "→E", rotated]) "cqt:2[lambda]"
7748  AOT_hence p (F  y p]) by (rule GEN)
7749  AOT_thus p (F  y p]) using BF[THEN "→E"] by fast
7750qed
7751
7752AOT_theorem "prop-prop-nec:3": p (F = y p])  p(F = y p])
7753proof(rule "→I")
7754  AOT_assume p (F = y p])
7755  then AOT_obtain p where (F = y p]) using "∃E"[rotated] by blast
7756  AOT_hence (F = y p]) by (metis "id-nec:2" "vdash-properties:6")
7757  AOT_hence p(F = y p]) by (rule "∃I")
7758  AOT_thus p(F = y p]) by (metis Buridan "vdash-properties:10")
7759qed
7760
7761AOT_theorem "prop-prop-nec:4": p (F  y p])  p(F  y p])
7762proof(rule "→I")
7763  AOT_assume p (F  y p])
7764  AOT_hence p (F  y p]) by (metis "Buridan◇" "vdash-properties:10")
7765  AOT_hence (F  y p]) for p
7766    using "∀E" by blast
7767  AOT_hence F  y p] for p
7768    by (rule "id-nec2:3"[unvarify β, THEN "→E", rotated]) "cqt:2[lambda]"
7769  AOT_thus p (F  y p]) by (rule GEN)
7770qed
7771
7772AOT_theorem "enc-prop-nec:1": F (x[F]  p(F = y p]))  F(x[F]  p (F = y p]))
7773proof(rule "→I"; rule GEN; rule "→I")
7774  fix F
7775  AOT_assume F (x[F]  p(F = y p]))
7776  AOT_hence F (x[F]  p(F = y p]))
7777    using "Buridan◇" "vdash-properties:10" by blast
7778  AOT_hence 0: (x[F]  p(F = y p])) using "∀E" by blast
7779  AOT_assume x[F]
7780  AOT_hence x[F] by (metis "en-eq:2[1]" "≡E"(1))
7781  AOT_hence p(F = y p])
7782    using 0 by (metis "KBasic2:4" "≡E"(1) "vdash-properties:10")
7783  AOT_thus p(F = y p])
7784    using "prop-prop-nec:1"[THEN "→E"] by blast
7785qed
7786
7787AOT_theorem "enc-prop-nec:2": F (x[F]  p(F = y p]))  F(x[F]  p (F = y p]))
7788  using "derived-S5-rules:1"[where Γ="{}", simplified, OF "enc-prop-nec:1"]
7789  by blast
7790
7791(*<*)
7792end
7793(*>*)